PRELIMINARY READING FOR ALGEBRAIC NUMBER THEORY. HT 2012/13. 



E.V. FLYNN 

Section 0. Background Material in Algebra and Number Theory 

The following gives a summary of the main ideas you need to know as prerequisites to the 
Part B lecture course on Algebraic Number Theory. There is an associated optional Sheet 
of questions for you to try if you feel you need to refresh your skills in these topics. Most 
of you should have seen most of this material before in lecture courses from previous terms, 
but it is just as well to read through it carefully in order to fill in any gaps. 

Please email me at flynn@maths.ox.ac.uk if you notice any typos. 

Groups 

Definition 0.1. A group is a set G with a binary operation * which satisfies the following 
properties. 

Closure: If f, g ∈ G then f * g ∈ G. 

Associativity: For all f, g, h ∈ G, (f * g) * h = f * (g * h). 

Existence of identity: There exists e ∈ G such that, for all g ∈ G, e * g = g * e = g. 

Existence of inverses: For all g ∈ G, there exists h ∈ G such that g * h = h * g = e. 

Comment 0.2. The element h is the inverse of g, and is typically denoted g^{-1} when 
referring to a general group G, *, and any specific group whose operation is some type of 
multiplication. On the other hand, the inverse of g will typically be denoted −g when dealing 
with a specific group whose operation is some form of addition. 

Definition 0.3. We say that a group G is a commutative (or Abelian) group if it also satisfies 
Commutativity: For all f, g ∈ G, f * g = g * f. 

Examples 0.4. 

(a) Z, + is an Abelian group (identity 0). 

(b) Z, × has identity = 1 but, for example, 2 has no inverse, and so this is not a group. 

(c) R⁺, × (the positive real numbers under multiplication) is an Abelian group with identity 1. 

(d) R × R, + [which means all pairs (a, b), with operation (a_1, b_1) + (a_2, b_2) = (a_1 + a_2, b_1 + b_2)] 
is an Abelian group with identity (0, 0). 

(e) {2 × 2 matrices with nonzero determinant} under matrix multiplication is a group. 
Identity = $\begin{pmatrix} 1 & 0 \\ 0 & 1 \end{pmatrix}$. 

(f) C_6, + [the cyclic group of order 6], denoting {0, 1, 2, 3, 4, 5} under + modulo 6 [e.g. 
3 + 4 = 1]. This is an Abelian group with identity 0. 

(g) C_2 × C_3, +, which is {(0, 0), (0, 1), (0, 2), (1, 0), (1, 1), (1, 2)} under the operation: 
(a_1, b_1) + (a_2, b_2) = (a_1 + a_2 mod 2, b_1 + b_2 mod 3). This is an Abelian group with 
identity (0, 0). 

(h) Let S_3, ∘ be the set of permutations of {1, 2, 3}, with f ∘ g = 'g-followed-by-f' as our 
operation [we shall normally abbreviate f ∘ g as fg]. This is a group and the elements 
are: {e, (12), (13), (23), (123), (132)} [where, for example, (132) represents the permutation: 
1 → 3, 3 → 2, 2 → 1, and (23) represents 2 → 3, 3 → 2 (with 1 → 1)]. This is not an Abelian 
group since, for example, (132)(12) = (23), but (12)(132) = (13). 

Definition 0.5. Let G_1, *_1 and G_2, *_2 be groups, and let φ : G_1 → G_2 [a map from G_1 
to G_2]. We say that φ is a homomorphism if, for all g, h ∈ G_1, φ(g *_1 h) = φ(g) *_2 φ(h). 
An endomorphism on a group G is a homomorphism from G to itself. 

Examples 0.6. 

(a) log : R⁺, × → R, + is a homomorphism since, for all a, b ∈ R⁺, log(a × b) = log(a) + log(b) 
[that is, log(a *_1 b) = log(a) *_2 log(b)]. 

(b) φ : R × R, + → R, + defined by φ((a, b)) = a [can also express this as φ : (a, b) ↦ a] is 
a homomorphism. 

Proof. φ((a, b) *_1 (c, d)) = φ((a, b) + (c, d)) = φ((a + c, b + d)) = a + c. 

Also, φ((a, b)) *_2 φ((c, d)) = φ((a, b)) + φ((c, d)) = a + c, and these are the same. 

(c) φ : Z, + → Z, +, defined by φ(a) = 2a is a homomorphism. 

(d) φ : Z, + → Z, + : a ↦ a² is not a homomorphism since, for example, φ(2 + 3) = φ(5) = 
5² = 25, but φ(2) + φ(3) = 2² + 3² = 13, and these are not equal. 

Definition 0.7. Let φ : S → T, for any sets S, T. We say that φ is injective (or 1-1 or an 
injection) if, for all f, g ∈ S, φ(f) = φ(g) ⇒ f = g; that is, f ≠ g ⇒ φ(f) ≠ φ(g) [i.e. 
when it never happens that two distinct f and g are mapped by φ to the same element]. We 
say that φ is surjective (or onto or a surjection) if, for all w ∈ T, there exists g ∈ S such 
that w = φ(g) [i.e. when every member of T is mapped onto by at least one element of S]. 
We say that φ is bijective (or a bijection) if it is both injective and surjective. 

Definition 0.8. Let φ : G_1, *_1 → G_2, *_2 be a homomorphism. The kernel of φ (denoted 
ker φ) is defined as the set of all members of G_1 which are mapped to the identity element e_2 
in G_2. That is: ker φ = {g ∈ G_1 : φ(g) = e_2}. The image of φ (denoted im φ) is the 
set of all members of G_2 which are mapped onto by some member of G_1. That is to say: 
im φ = {φ(g) : g ∈ G_1}. 

Comment 0.9. Clearly, a homomorphism φ : G_1, *_1 → G_2, *_2 is injective if and only if 
ker φ = {e_1}, where e_1 is the identity element in G_1. It is surjective if and only if im φ = G_2. 

Examples 0.10. 

(a) log : R⁺, × → R, + is an injection since, for any f, g ∈ R⁺: φ(f) = φ(g) ⇒ log f = 
log g ⇒ e^{log f} = e^{log g} ⇒ f = g. 

It is also a surjection since, if w ∈ R, we can take g = e^w ∈ R⁺ and φ(g) = log(e^w) = w. 
Hence φ is a bijection, since it is both an injection and a surjection. The kernel is {1} [that 
is, 1 is the unique member of R⁺, × mapped by log to the identity element in R, +]. The 
image is all of R [since the map is surjective]. 

(b) Let φ : R × R, + → R, + be defined by φ((a, b)) = a. This is not an injection since, 
for example, φ((2, 1)) = 2 and φ((2, 3)) = 2, but (2, 1) ≠ (2, 3). It is a surjection since, 
for any r ∈ R, we can take (r, 0) ∈ R × R which satisfies φ((r, 0)) = r [of course, we could 
just as easily have used (r, 1); we merely had to show that every r ∈ R is mapped onto by 
at least one member of R × R]. The kernel is {(0, b) : b ∈ R} and the image is all of R 
[since φ is surjective]. 

(c) φ : Z, + → Z, +, a ↦ 2a. This is an injection since, for any a, b ∈ Z: φ(a) = φ(b) ⇒ 
2a = 2b ⇒ a = b. It is not a surjection since nothing maps to 3 (for example). The kernel 
is {0} and the image is {..., −4, −2, 0, 2, 4, ...}. 

Definition 0.11. Let G_1, *_1 and G_2, *_2 be groups and let φ : G_1 → G_2. If φ is both a 
bijection and a homomorphism, then we say that φ is an isomorphism. If there exists an 
isomorphism φ : G_1 → G_2, we say that the two groups are isomorphic (same shape) and we 
write G_1 ≅ G_2. 

Comment 0.12. If G_1 and G_2 are isomorphic groups, then G_2 can be regarded as the same 
group as G_1, merely with the elements relabelled. G_1 and G_2 will have all of the same 
structural properties (for example, G_1 will be Abelian iff G_2 is Abelian, G_1 will have an 
element g ≠ e satisfying g * g = e iff G_2 has such an element, etc). 

Example 0.13. log : R⁺, × → R, + is an isomorphism, since it is both a homomorphism 
and a bijection. The groups R⁺, × and R, + are isomorphic. 

Comment 0.14. Two finite groups Gi, G2 are isomorphic if the group table of Gi can have 
its elements relabelled to give the group table of G2. 

Example 0.15. Let G_1 = C_2 × C_3 and G_2 = C_6. Let φ : G_1 → G_2 be defined by: 
(0,0) ↦ 0, (1,1) ↦ 1, (0,2) ↦ 2, (1,0) ↦ 3, (0,1) ↦ 4, (1,2) ↦ 5. 
The group table of G_1 is as follows. 

    +   | (0,0) (0,1) (0,2) (1,0) (1,1) (1,2) 
  ------+------------------------------------ 
  (0,0) | (0,0) (0,1) (0,2) (1,0) (1,1) (1,2) 
  (0,1) | (0,1) (0,2) (0,0) (1,1) (1,2) (1,0) 
  (0,2) | (0,2) (0,0) (0,1) (1,2) (1,0) (1,1) 
  (1,0) | (1,0) (1,1) (1,2) (0,0) (0,1) (0,2) 
  (1,1) | (1,1) (1,2) (1,0) (0,1) (0,2) (0,0) 
  (1,2) | (1,2) (1,0) (1,1) (0,2) (0,0) (0,1) 

Replacing all entries using φ gives the following table. 

  + | 0 4 2 3 1 5 
  --+------------ 
  0 | 0 4 2 3 1 5 
  4 | 4 2 0 1 5 3 
  2 | 2 0 4 5 3 1 
  3 | 3 1 5 0 4 2 
  1 | 1 5 3 4 2 0 
  5 | 5 3 1 2 0 4 

This is just the group table for C_6, which proves that C_2 × C_3 ≅ C_6. 
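As an added illustration (my own code, not part of the original notes), the following Python checks Example 0.15 mechanically: it builds the group table of C_2 × C_3, relabels it with φ and compares the result with the table of C_6. It also goes beyond the example in the direction of Lemma 0.16, by searching C_m × C_n for an element whose multiples exhaust the group; mapping k·g ↦ k then gives an isomorphism with C_mn, and the search fails exactly when m and n are not coprime. All function names are my own.

```python
from itertools import product

# Constructed example: a group table is stored as a dict {(x, y): x + y}.

# The map phi of Example 0.15, C_2 x C_3 -> C_6.
PHI = {(0, 0): 0, (1, 1): 1, (0, 2): 2, (1, 0): 3, (0, 1): 4, (1, 2): 5}


def table_cmxcn(m, n):
    """Group table of C_m x C_n: (a1, b1) + (a2, b2) = (a1+a2 mod m, b1+b2 mod n)."""
    elems = list(product(range(m), range(n)))
    return {(x, y): ((x[0] + y[0]) % m, (x[1] + y[1]) % n)
            for x in elems for y in elems}


def table_cn(n):
    """Group table of the cyclic group C_n = {0, ..., n-1} under + mod n."""
    return {(x, y): (x + y) % n for x in range(n) for y in range(n)}


def relabel(table, phi):
    """Replace every row label, column label and entry of a table using phi."""
    return {(phi[x], phi[y]): phi[z] for (x, y), z in table.items()}


def is_bijection(phi, codomain):
    values = set(phi.values())
    return len(values) == len(phi) == len(codomain) and values == set(codomain)


def is_isomorphism(table1, table2, phi):
    """phi is an isomorphism iff it is a bijection and relabelling table1 by phi
    reproduces table2 entry by entry (Comment 0.14)."""
    elems2 = {x for (x, _) in table2}
    return is_bijection(phi, elems2) and relabel(table1, phi) == table2


def check_example_0_15():
    """C_2 x C_3 is isomorphic to C_6 via phi."""
    return is_isomorphism(table_cmxcn(2, 3), table_cn(6), PHI)


def find_isomorphism_cmxcn_to_cmn(m, n):
    """Lemma 0.16, constructively: look for an element g of C_m x C_n whose
    multiples 0g, 1g, 2g, ... run through the whole group, and map k*g -> k
    in C_mn.  Returns that map, or None when no such g exists, which happens
    exactly when hcf(m, n) > 1 (every element then has order < mn)."""
    for g in product(range(m), range(n)):
        phi, cur = {}, (0, 0)
        for k in range(m * n):
            if cur in phi:          # cycle closed early: g does not generate
                break
            phi[cur] = k
            cur = ((cur[0] + g[0]) % m, (cur[1] + g[1]) % n)
        if len(phi) == m * n:
            return phi
    return None
```

For m = 2, n = 3 the search finds g = (1, 1) first, and the map it returns is exactly φ.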

The last example is a special case of the following result. 

Lemma 0.16. When m, n ∈ N and m, n have no common factors (apart from 1) then 

$$C_m \times C_n \cong C_{mn}.$$

The following is also quite a useful property of finite Abelian groups. 

Lemma 0.17. Any finite Abelian group G is isomorphic to the product of cyclic groups: 

$$G \cong C_{m_1} \times C_{m_2} \times \cdots \times C_{m_k}, \quad \text{for some } C_{m_1}, \ldots, C_{m_k}.$$

For any group G, it is natural to consider groups which lie inside G (that is to say, which 
are subsets of G). 

Definition 0.18. Let G, * be a group and let H ⊆ G [H is a subset of G]. We say that H 
is a subgroup of G (written: H ⩽ G) if H is nonempty, and forms a group with respect to 
the same operation * as G. This is equivalent to: 

e_G ∈ H (where e_G is the identity element in G), 

If f, g ∈ H then f * g ∈ H, 

If h ∈ H then h^{-1} ∈ H. Note that associativity automatically holds in H since it holds in 
the group G, of which H is a subset. 

Examples 0.19. 

(a) H = {..., −4, −2, 0, 2, 4, ...} ⩽ Z, +. 

(b) H = {..., −3, −1, 1, 3, ...} is not a subgroup of Z, +, since the identity element is not in the set (we could 
alternatively have used the fact that it is not closed; for example, 1, 3 ∈ H but 1 + 3 ∉ H). 

(c) H = {0, 1, 2, 3, ...} is not a subgroup of Z, +. It is fine for containing the identity element and closure, 
but H does not contain the inverse of every element in H (for example, 3 ∈ H but −3 ∉ H). 

Definition 0.20. Let H ⩽ G and let g ∈ G. The set gH = {g * h : h ∈ H} is called a left 
coset of H and the set Hg = {h * g : h ∈ H} is called a right coset of H. When the number 
of distinct left cosets is finite, it can be shown that this is the same as the number of distinct 
right cosets; this number is the index of H in G and is denoted [G : H]. 

Comment 0.21. When the group operation is some form of multiplication, one typically 
writes the left (or right) cosets, as above, in the style gH (or Hg). When the group operation 
is some form of addition, then one typically writes g + H = {g + h : h ∈ H} (similarly 
for H + g). 

Example 0.22. Let G = Z, + and let H = 3Z = {..., −6, −3, 0, 3, 6, ...} ⩽ G. Then some 
examples of left cosets are: 

0 + H = {..., 0 + (−6), 0 + (−3), 0 + 0, 0 + 3, 0 + 6, ...} = {..., −6, −3, 0, 3, 6, ...}, 

1 + H = {..., 1 + (−6), 1 + (−3), 1 + 0, 1 + 3, 1 + 6, ...} = {..., −5, −2, 1, 4, 7, ...}, 

2 + H = {..., 2 + (−6), 2 + (−3), 2 + 0, 2 + 3, 2 + 6, ...} = {..., −4, −1, 2, 5, 8, ...}, 

3 + H = {..., 3 + (−6), 3 + (−3), 3 + 0, 3 + 3, 3 + 6, ...} = {..., −3, 0, 3, 6, 9, ...}, 

4 + H = {..., 4 + (−6), 4 + (−3), 4 + 0, 4 + 3, 4 + 6, ...} = {..., −2, 1, 4, 7, 10, ...}. 

Note that 0 + H = 3 + H and 1 + H = 4 + H. Clearly 

... = −6 + H = −3 + H = 0 + H = 3 + H = 6 + H = ... 
... = −5 + H = −2 + H = 1 + H = 4 + H = 7 + H = ... 
... = −4 + H = −1 + H = 2 + H = 5 + H = 8 + H = ... 

so that there are only 3 distinct left cosets. So here the index [G : H] = 3. 

The left coset eH = H, where e is the identity element, so that H is one of the left cosets 
of itself (and similarly is one of the right cosets of itself). It can be shown that two left cosets 
g_1H and g_2H are either equal or disjoint and that every element of G is a member of some 
coset. When G is a finite group, it can also be shown that any g_1H and g_2H have the same 
number of elements (and so every left coset of H has the same number of elements as H). 
It follows that the left cosets of H give a partition of G, that is, they give G as a union of 
disjoint subsets. Since each of these subsets has the same number of elements as H, we see 
that |G| = |H| + ... + |H| = k|H|, where k is the number of distinct left cosets of H [here, 
|S| is the standard notation for the number of elements in S, for any set S]. The following 
immediately follows. 

Theorem 0.23. (Lagrange's Theorem) Let G be a finite group, and let H ⩽ G. Then |H| 
is a factor of |G| [this can also be expressed as |H| divides |G|, or as |H| | |G|]. 

There are many situations where we would like to consider the elements of a group G, 
but in a simplified context, where we 'mod out' (or 'quotient out') by a subgroup, and focus 
on the information that remains. For example, when G = Z, +, we might want to collapse 
H = 3Z ⩽ G down to a single element, and consider the elements mod H (considering 
elements to be the same if they lie in the same coset). The natural way to do this is to 
create a new group G/H, whose elements are (say) the left cosets of H, in which case there 
are only 3 distinct elements: 

{..., −6, −3, 0, 3, 6, ...}, {..., −5, −2, 1, 4, 7, ...}, {..., −4, −1, 2, 5, 8, ...}, 

which give all the members of G/H. It is natural to ask whether the group law on G carries 
over to give a group law on G/H. How might we add, for example, the second and third of 
these? That is, we want to perform the addition: 

{..., −5, −2, 1, 4, 7, ...} + {..., −4, −1, 2, 5, 8, ...}. 

A natural attempt is to add any element in the first coset to any element in the second coset, 
and see what coset the sum lies in. For example, −5 is in the first coset, and 2 is in the second 
coset, and −5 + 2 = −3, which lies in {..., −6, −3, 0, 3, 6, ...}, suggesting that, in G/H: 

{..., −5, −2, 1, 4, 7, ...} + {..., −4, −1, 2, 5, 8, ...} = {..., −6, −3, 0, 3, 6, ...}. 

Furthermore, it doesn't matter what members you take: you can add any member of 
{..., −5, −2, 1, 4, 7, ...} to any member of {..., −4, −1, 2, 5, 8, ...} and you will get a member 
of {..., −6, −3, 0, 3, 6, ...}, reinforcing our confidence in this definition of the sum. It is 
easy to see that this gives a way of turning the 3 members of G/H into a group. We can 
also express this group law on G/H as: (g_1 + H) + (g_2 + H) = (g_1 + g_2) + H, where the 
well-definedness of this rule is due to the fact that, at least for this choice of G, H, whenever 
g_1 + H = g_1' + H and g_2 + H = g_2' + H then (g_1 + g_2) + H = (g_1' + g_2') + H. Even though the 
members of G/H are sets, it is often convenient to denote them by selected representative 
elements; for example, we can use 0, 1, 2 to denote the cosets containing 0, 1, 2, respectively, 
in which case the above addition could be expressed as: 1 + 2 = 0 in G/H. Of course, 91 
lies in the same coset as 1, so that 1 = 91 in G/H; we could just as easily represent our 3 
members of G/H as 0, 91, 2 and say that 91 + 2 = 0 in G/H. 

Similarly, let G = C*, ×, the group of nonzero complex numbers under multiplication, and 
let H = {z : |z| = 1} ⩽ G, the unit circle on an Argand diagram. Then an example of a left 
coset is (3 + 4i)H = {(3 + 4i)z : |z| = 1}, which is easily seen to be just the circle, centre 0, 
with radius 5 (the modulus of 3 + 4i). Note that the group operation is multiplication 
here, so the cosets are written as gH = {g * h : h ∈ H} = {gh : h ∈ H} [rather than 
g + H = {g * h : h ∈ H} = {g + h : h ∈ H}, as in the previous example]. Two complex 
numbers are in the same coset iff they have the same modulus. Clearly, the left cosets are 
just the circles with centre 0, and these are the elements of G/H. We have 'modded out' 
by H, removing the argument information, and retaining only the modulus information. We 
can turn G/H into a group under multiplication: for example, the set of complex numbers 
of modulus 5 multiplied by the set of complex numbers of modulus 2 gives the set of complex 
numbers of modulus 10. This is well defined, since it does not matter which representative is 
taken: any member of the first coset (any complex number of modulus 5) times any member 
of the second coset (any complex number of modulus 2) will give a member of the third coset 
(a complex number of modulus 10). 

By way of contrast, let G be as in Example 0.4(h), that is, G = S_3, ∘, the group of 
permutations of {1, 2, 3} under the operation f ∘ g = 'g-followed-by-f' [where, as usual, we 
shall abbreviate f ∘ g as fg]. Consider H = {e, (12)} ⩽ G. There are only 3 distinct left 
cosets of H: 

eH = (12)H = {e, (12)}, 

(123)H = (13)H = {(123), (13)}, 

(132)H = (23)H = {(132), (23)}. 

How might we try to perform {e, (12)}{(123), (13)}? We could attempt the same approach 
as before: take any element from each set, combine them according to the group law on G 
and see what coset the result lies in. For example, e is a member of {e, (12)} and (123) 
is a member of {(123), (13)} and e(123) = (123) ∈ {(123), (13)}. So we might be tempted 
to say that {e, (12)}{(123), (13)} = {(123), (13)}. On the other hand, (12) ∈ {e, (12)} 
and (13) ∈ {(123), (13)}, and (12)(13) = (132) ∈ {(132), (23)}, so this suggests that 
{e, (12)}{(123), (13)} = {(132), (23)}. We see that there is no sensible unambiguous way 
of defining {e, (12)}{(123), (13)}. To put it another way, our attempt to use the natural rule 
(g_1H)(g_2H) = (g_1g_2)H to give a group law on G/H has foundered on the fact that there 
are instances where g_1H = g_1'H and g_2H = g_2'H, but (g_1g_2)H ≠ (g_1'g_2')H [for example, when 
g_1 = e, g_1' = (12), g_2 = (123), g_2' = (13)]. Any attempt to turn the set of right cosets into a 
group would also suffer the same problem. Note that if we keep the group G = S_3, as before, 
but use instead H = {e, (123), (132)} ⩽ G, then it is easy to check that everything is fine, 
and we can turn G/H into a group. 

The key property which allows G/H to be a group is the following. 

Definition 0.24. Let G, * be a group and let H ⩽ G. We say that H is a normal subgroup 
of G, denoted H ⊲ G, if, for every g ∈ G, gH = Hg. 

An equivalent definition is: ∀g ∈ G, ∀h ∈ H, g^{-1}hg ∈ H. 

Comment 0.25. When H ⊲ G, the left cosets of H are the same as the right cosets, and 
so we can just refer to them as cosets, without needing to specify left or right. 

Definition 0.26. Let G, * be a group and let H ⊲ G. Then G/H (or 'G quotient H' or 
'G mod H') is defined as G/H = {gH : g ∈ G}, under the group operation: (g_1H)(g_2H) = 
(g_1g_2)H [here, we are writing g_1g_2, g_1H, g_2H as shorthand for g_1 * g_2, g_1 * H, g_2 * H]. 

When G/H is finite then clearly |G/H| = [G : H] (since the elements of G/H are the 
distinct cosets of H in G, and the number of these is defined to be the index [G : H]). 

Why is it that the condition H ⊲ G is sufficient for this group operation on G/H to be well 
defined? Recall, the guarantee we need for unambiguity is that, whenever g_1H = g_1'H and 
g_2H = g_2'H, then (g_1g_2)H = (g_1'g_2')H. So, suppose that H ⊲ G and that g_1H = g_1'H, g_2H = 
g_2'H. Then: 

$$(g_1 g_2)H = g_1(g_2 H) = g_1(g_2' H) = g_1(H g_2') = (g_1 H) g_2' = (g_1' H) g_2' = (H g_1') g_2' = H(g_1' g_2') = (g_1' g_2')H,$$

as required. 

Comment 0.27. If G, * is Abelian then any subgroup H must be normal, guaranteeing that 
we can always form the quotient group G/H. 
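Added example (my own code, not from the original notes): Python that represents S_3 as tuples, computes left cosets, tests the normality criterion g^{-1}hg ∈ H of Definition 0.24, and tries every choice of representatives in the rule (g_1H)(g_2H) = (g_1g_2)H to decide whether it is well defined. The two subgroups H = {e, (12)} and H = {e, (123), (132)} from the discussion above behave as the text says; the helper names (compose, cycle, left_coset, ...) are my own.

```python
from itertools import permutations

# Constructed example: a permutation p of {1, 2, 3} is the tuple (p(1), p(2), p(3)).
S3 = [tuple(p) for p in permutations((1, 2, 3))]
E = (1, 2, 3)                       # the identity permutation e


def compose(f, g):
    """f o g = 'g followed by f', as in Example 0.4(h): (f o g)(i) = f(g(i))."""
    return tuple(f[g[i] - 1] for i in range(3))


def inverse(f):
    inv = [0, 0, 0]
    for i, fi in enumerate(f):
        inv[fi - 1] = i + 1
    return tuple(inv)


def cycle(*points):
    """Cycle notation, e.g. cycle(1, 3, 2) is (132): 1 -> 3, 3 -> 2, 2 -> 1."""
    p = [1, 2, 3]
    for a, b in zip(points, points[1:] + points[:1]):
        p[a - 1] = b
    return tuple(p)


def left_coset(g, H):
    """gH = {g h : h in H}."""
    return frozenset(compose(g, h) for h in H)


def left_cosets(G, H):
    """The set of distinct left cosets of H in G; its size is the index [G : H]."""
    return {left_coset(g, H) for g in G}


def is_normal(G, H):
    """Definition 0.24 (second form): g^{-1} h g lies in H for every g, h."""
    Hs = set(H)
    return all(compose(compose(inverse(g), h), g) in Hs for g in G for h in H)


def product_is_well_defined(G, H):
    """Try (g1 H)(g2 H) = (g1 g2) H with every pair of representatives.  The rule
    is well defined iff, for each pair of cosets, all products land in one coset.
    Returns (True, None), or (False, (coset1, coset2)) with an offending pair."""
    cosets = left_cosets(G, H)
    for c1 in cosets:
        for c2 in cosets:
            results = {left_coset(compose(a, b), H) for a in c1 for b in c2}
            if len(results) != 1:
                return False, (c1, c2)
    return True, None


H_BAD = [E, cycle(1, 2)]                            # {e, (12)}: not normal
H_GOOD = [E, cycle(1, 2, 3), cycle(1, 3, 2)]        # {e, (123), (132)}: normal
```

With H_BAD the function reports the very pair of cosets {e, (12)} and {(123), (13)} discussed in the text, since e(123) and (12)(13) fall in different cosets.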

Definition 0.28. Let X be any set, and let ~ be a binary relation on X. We say that ~ 
is an equivalence relation if it satisfies: 

(1) a ~ a for all a ∈ X [reflexivity]. 

(2) a ~ b ⇒ b ~ a for all a, b ∈ X [symmetry]. 

(3) a ~ b and b ~ c ⇒ a ~ c for all a, b, c ∈ X [transitivity]. 

The equivalence class of an element a ∈ X, denoted [a], is the set of all members of X which 
are equivalent to a. This is to say: [a] = {x ∈ X : x ~ a}. 

Given any g_1, g_2 ∈ G, it is easy to check that g_1H = g_2H exactly when g_1 = g_2 * h, for 
some h ∈ H; that is, when g_1 * g_2^{-1} ∈ H. Define the relation g_1 ~ g_2 by: 

g_1 ~ g_2 ⟺ g_1 = g_2 * h, for some h ∈ H, 

which gives an equivalence relation on G. Another way to describe members of G/H is to 
say that they are equivalence classes under this relation (or, we can also say that they are 
the members of G modulo the equivalence relation). 
Comment 0.29. It can sometimes seem cumbersome to deal directly with the above definition 
of G/H, since the group elements in G/H are cosets (so that G/H is a set of sets). 
Suppose nobody had ever mentioned cosets. There is a more intuitive approach to quotient 
groups (which is in fact the way they are mostly dealt with in practice) which requires no 
explicit mention of cosets. Namely, one writes the elements of G/H exactly as the elements 
of G, except that certain elements become equal in G/H which were distinct in G. 
Specifically, one imposes the rule: 

g_1 = g_2 in G/H exactly when g_1 = g_2 * (member of H). 

Equivalently: g_1 = g_2 in G/H ⟺ g_1 * g_2^{-1} ∈ H. When the operation in G is addition, 
this means two elements are equal in G/H exactly when their difference is in H. When the 
operation in G is multiplication, two elements are equal in G/H exactly when their quotient 
is in H [of course, when the group operation is neither an addition nor a multiplication, then 
just use the general criterion g_1 * g_2^{-1} ∈ H]. The following examples are described in this 
spirit, with no explicit mention of cosets. 

Examples 0.30. 

(a) Let G = Z, + and H = 3Z = {..., −6, −3, 0, 3, 6, ...} ⩽ G. We see that, for example, 
1 = 16 * (−15) in G [since * is + here], so that 1 = 16 * (member of H), and so 1 = 16 in G/H. 
Equivalently, 1 * 16^{-1} = 1 + (−16) = −15 ∈ H ⇒ 1 = 16 in G/H [note that 16^{-1} is the 
inverse of 16 in G, which is −16]. On the other hand, 1 ≠ 20 in G/H, since 1 = 20 * (−19) 
and −19 ∉ H. 

In the group G/H = Z/3Z: 

... = −6 = −3 = 0 = 3 = 6 = ... 

... = −5 = −2 = 1 = 4 = 7 = ... 

... = −4 = −1 = 2 = 5 = 8 = ... 

and so Z/3Z contains only 3 distinct elements. The usual convention is to pick out 0, 1, 2 as 
listing the distinct members of Z/3Z. We can see that Z/3Z, + is isomorphic to C_3. 

(b) Let G = Q*, × = nonzero members of Q under multiplication. Let H = (Q*)² = 
{squares of nonzero members of Q}. For example, 4/9 ∈ H but 2 ∉ H. 

In Q*, 2/3 = 6 × 1/9 and 1/9 ∈ (Q*)², so that 2/3 = 6 in Q*/(Q*)². Similarly, 6 = 3/2 in 
Q*/(Q*)² since 6 = 3/2 × 4 and 4 ∈ (Q*)². However, 2 ≠ 3 in Q*/(Q*)² since 2 = 3 × 2/3 and 
2/3 ∉ (Q*)². 

Note that any a/b ∈ Q*/(Q*)² [where a, b ∈ Z] can be written as a/b = (ab)/b² = ab ∈ Z. We 
can write any integer in the form rs² where r, s ∈ Z and r is square-free [where square free 
means not divisible by any integer square except 1: for example, 6 is square free, but 12 
is not square free, since it is divisible by 4]. Write the integer ab in the form rs², so that 
a/b = ab = rs² = r in Q*/(Q*)². The standard way of working in Q*/(Q*)² is to write each 
distinct element as a square free integer. For example: 

20/13 = (20/13) × 13² = 20 × 13 = 4 × 5 × 13 = 5 × 13 = 65 in Q*/(Q*)², 

which is a square free integer. 

(c) Let G = C*, × and H = {z : |z| = 1}. Then z_1 = z_2 in G/H ⟺ z_1/z_2 ∈ H ⟺ 
|z_1/z_2| = 1 ⟺ |z_1| = |z_2|. That is, z_1 = z_2 in G/H exactly when they have the same 
modulus. So, for example, 3 + 4i = 5i = 5 in G/H. Clearly, every member of G is equal 
in G/H to precisely one positive real number (namely, its modulus). So, each element of G/H 
can be represented by a positive real number, and it is easy to see that G/H is isomorphic 
to R⁺, ×. 

Given a homomorphism φ : G_1, *_1 → G_2, *_2, the kernel can be shown to be a normal 
subgroup of G_1, and so we can form the quotient group G_1/ker φ. The map g *_1 ker φ ↦ φ(g) 
can be shown to be well defined and injective (and onto im φ), giving the following result. 

Theorem 0.31. [First Isomorphism Theorem for Groups] Let φ : G_1, *_1 → G_2, *_2 be a 
homomorphism. Then ker φ ⊲ G_1, im φ ⩽ G_2 and G_1/ker φ ≅ im φ. In particular, if φ is 
surjective then G_1/ker φ ≅ G_2. 

Comment 0.32. Note that, in the case when φ is surjective, we have im φ = G_2 and so 
G_1/ker φ ≅ G_2. 

Examples 0.33. 

(a) Let φ : R × R × R, + → R × R, + be defined by φ((x, y, z)) = (x, y) [the projection map 
to the (x, y)-plane]. Then ker φ is the z-axis {(0, 0, z) : z ∈ R}, and im φ is all of R × R (the 
map is surjective). The isomorphism theorem tells us that (R × R × R)/ker φ ≅ R × R. 

(b) Let φ : C*, × → R⁺, × : z ↦ |z|. Then ker φ = {z : |z| = 1} and im φ is all of R⁺ (the 
map is surjective). The isomorphism theorem tells us that C*/ker φ ≅ R⁺. 

The following are both easy to deduce from the First Isomorphism Theorem. 

Theorem 0.34. [Second Isomorphism Theorem for Groups] Let H ⩽ G and N ⊲ G. Then 
HN ⩽ G, H ∩ N ⊲ H and (HN)/N ≅ H/(H ∩ N). 

Theorem 0.35. [Third Isomorphism Theorem for Groups] Let N ⊲ G, K ⊲ G, with K ⊆ 
N ⊆ G. Then N/K ⊲ G/K and (G/K)/(N/K) ≅ G/N. 

The proof of the last part is simply to consider the natural map φ : G/K → G/N : g + K ↦ 
g + N, check that it is a well defined surjective homomorphism with kernel N/K and then 
apply the First Isomorphism Theorem. 

Another important idea is that of the order of an element. 
Definition 0.36. Let G, * be a group and g ∈ G. If there exists k > 0 such that g * g * ... * g 
[k times] = e then we say that g has finite order (or is a torsion element), and the smallest 
such k is the order of g, denoted o(g). If no such k exists, we say that g has infinite order. 
For an Abelian group G, the set of all elements in G of finite order is a subgroup of G, the 
torsion subgroup of G, denoted G_tors. 

Since {e, g, g², ..., g^{o(g)−1}} is a subgroup of G [the subgroup generated by g] with o(g) 
elements, we obtain the following consequence of Lagrange's Theorem. 

Corollary 0.37. Let G, * be a group and g ∈ G. The order of g is always a factor of |G|. 
As a consequence, g^{|G|} = e. 

There is a partial converse due to Cauchy. 

Theorem 0.38. [Cauchy's Theorem on Finite Groups] Let G be a finite group and let p be 
prime such that p divides |G|. Then there exists g ∈ G such that o(g) = p. 

Definition 0.39. We say that G, * is Boolean if, for all g ∈ G, g * g = e [and so every 
element apart from the identity will have order 2]. 

Comment 0.40. Any finite Boolean group G is isomorphic to the product of a finite number 
of copies of C_2; that is: G ≅ C_2 × C_2 × ... × C_2. It follows that the order of G [that is, the 
number of elements in G] is a power of 2. 

Definition 0.41. Let G, * be an Abelian group. The m-torsion subgroup of G, denoted 
by G[m], is defined as {g ∈ G : g * g * ... * g [m times] = e}. This is the same as the set of 
members of G whose orders are factors of m. 

Comment 0.42. When G is an Abelian group, let 2G denote the subgroup {g * g : g ∈ G}. 
Clearly G/2G is always a Boolean group. When G is a finite Abelian group, it can be shown 
that G/2G ≅ G[2]. 

Definition 0.43. Let G be a group, written additively (so that our operation is written +). 
Let H_1, ..., H_n ⩽ G. We say that G = ⊕_{i=1}^{n} H_i = H_1 ⊕ ... ⊕ H_n if every g ∈ G can be written 
uniquely as g = h_1 + ... + h_n, where each h_i ∈ H_i. 

Definition 0.44. Let G be a group, written additively, and let g ∈ G. For any positive 
a ∈ Z, define ag = g + ... + g [a times]; define (−a)g = −(ag); also define 0g to be the 
group identity (so, we have now defined ag for any a ∈ Z). We say that G is a free abelian 
group if there exists a set S of elements of G for which every g ∈ G can be written uniquely 
as a linear combination of a finite number of elements of S, with integer coefficients (up to 
isomorphism, it is just the set of formal finite sums of members of S). We say that S is a 
Z-basis for G. When S is finite and |S| = n, we say that G is a free abelian group of rank n. 

For example G = Z × Z (under addition) is a free abelian group of rank 2, with Z-basis 
S = {(1, 0), (0, 1)}, since any (a, b) ∈ G can be written uniquely as a(1, 0) + b(0, 1), for 
a, b ∈ Z. 

Suppose G is any free abelian group of rank n with Z-basis S = {w_1, ..., w_n}; then 
G = Zw_1 ⊕ ... ⊕ Zw_n; furthermore G and Z × ··· × Z (n times) are isomorphic as additive 
groups. 

Elementary Number Theory 

We have already seen the idea of the 'integers modulo m' developed as a quotient group in 
Example 0.30(a). The next few definitions rephrase this idea in the language of congruences 
(which we have already used in Examples 0.4(f), (g), but which we now formalise). First a 
few preliminaries are necessary. 

Definition 0.45. For any a, b ∈ Z, we say that a divides b [or that a is a factor of b, or 
that a is a divisor of b], denoted a|b, if there exists k ∈ Z such that b = ka. When a does 
not divide b, this is denoted a ∤ b [for example, 5|20, but 7 ∤ 20 and 20 ∤ 5]. 

Example 0.46. If x ∈ Z is a root of a polynomial f(x) = f_n x^n + ··· + f_0 with integer 
coefficients, then x | f_0 [since f(x) = 0 implies x(−f_n x^{n−1} − ··· − f_1) = f_0]. So, for example, 
to test whether x³ + 11x − 6 = 0 has any integer solutions, it is only necessary to check 
the possibilities x = ±1, ±2, ±3, ±6. Since none of these are solutions, it follows that the 
equation x³ + 11x − 6 = 0 has no integer solutions. 

Definition 0.47. Let m ∈ Z, m > 1. We say that m is prime [or a prime number] if its only 
divisors are 1 and m itself; otherwise m is composite [by convention, 1 is neither prime nor 
composite]. 

Definition 0.48. For any m, n ∈ Z, the highest common factor of m, n, denoted hcf(m, n), 
is the largest d ⩾ 1 such that d|m and d|n (sometimes also called the greatest common 
divisor of m, n or gcd(m, n)). The least common multiple of m, n, denoted lcm(m, n), is the 
smallest D ⩾ 1 such that m|D and n|D. Sometimes hcf(m, n) is abbreviated as (m, n) and 
lcm(m, n) as [m, n]. When hcf(m, n) = 1 we say that m and n are coprime. 

For example, the positive divisors of 12 are: 1, 2, 3,4, 6, 12 and the positive divisors of 18 
are: 1,2,3,6,9,18. The common divisors are: 1,2,3,6, the greatest of which is 6, and so 
hcf(12, 18) = 6. 

Note that any common divisor of a and b is also a common divisor of a + kb and b, and 
vice versa, giving the following property of hcf's. 

Lemma 0.49. For any a, b, k ∈ Z, hcf(a + kb, b) = hcf(a, b) = hcf(a, b + ka). 

A fundamental property of Z is that, given any a, b ∈ Z with b ≠ 0, one can find the highest multiple 
of b [say qb] ⩽ a, and the remainder a − qb will have absolute value less than |b|. This is to 
say, given any a, b ∈ Z, there exist q, r ∈ Z such that a = qb + r and |r| < |b|. This is known 
as the Division Algorithm, and the existence of such q, r [given any a, b] can be proved by 
induction. For example, given a = 22 and b = 5, we can say that 5 goes into 22 a total 
of q = 4 times with remainder r = 2, and write: 22 = 4 · 5 + 2, and indeed 0 ⩽ 2 < 5. 
Repeated applications of the Division Algorithm give the following technique for finding the 
greatest common divisor of two numbers. 

Definition 0.50. Given positive integers m, n, Euclid's Algorithm for finding hcf(m, n) is 
as follows. 

First find q_1, r_2 such that m = q_1 n + r_2 (0 ⩽ r_2 < n). 

Then find q_2, r_3 such that n = q_2 r_2 + r_3 (0 ⩽ r_3 < r_2). 

Then find q_3, r_4 such that r_2 = q_3 r_3 + r_4 (0 ⩽ r_4 < r_3), and so on. 

Since the remainders r_i ⩾ 0 are strictly decreasing, we will at some point get remainder 0. 
The last nonzero remainder is hcf(m, n). 

The proof that Euclid's Algorithm gives hcf(m, n) is a repeated application of Lemma 0.49. 

Example 0.51. Consider m = 9108, n = 1121. The first step of Euclid's Algorithm is: 
9108 = 8 · 1121 + 140. The second step is: 1121 = 8 · 140 + 1, and the final step is 140 = 140 · 1 + 
0, giving remainder 0. The last nonzero remainder is 1, which must be hcf(9108, 1121). 

Note that we can reverse the steps of Euclid's Algorithm to express hcf(m, n) as an integer 
linear combination of m, n. In this example, we write the equation from the last-nonzero- 
remainder step as: 1 = 1121 − 8 · 140. We then use the previous equation [expressed as 
140 = 9108 − 8 · 1121] to obtain: 1 = 1121 − 8 · (9108 − 8 · 1121) and so 1 = −8 · 9108 + 65 · 1121. 

Another way of performing the same computation is by row operations on the matrix 
$\left(\begin{array}{cc|c} 1 & 0 & m \\ 0 & 1 & n \end{array}\right)$; in this case: 

$$\left(\begin{array}{cc|c} 1 & 0 & 9108 \\ 0 & 1 & 1121 \end{array}\right) \xrightarrow{R_1 - 8R_2} \left(\begin{array}{cc|c} 1 & -8 & 140 \\ 0 & 1 & 1121 \end{array}\right) \xrightarrow{R_2 - 8R_1} \left(\begin{array}{cc|c} 1 & -8 & 140 \\ -8 & 65 & 1 \end{array}\right) \xrightarrow{R_1 - 140R_2} \left(\begin{array}{cc|c} * & * & 0 \\ -8 & 65 & 1 \end{array}\right),$$

where the * entries need not be computed. This gives us, all in the same computation, that 
hcf(9108, 1121) = 1, and the bottom row of the last matrix gives hcf(9108, 1121) as a linear 
combination of 9108, 1121, namely: 1 = −8 · 9108 + 65 · 1121, as before. 

This process can be performed for any m, n, giving the following result. 

Lemma 0.52. For any m, n there exist λ, μ ∈ Z such that λm + μn = hcf(m, n). 
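Euclid's Algorithm, the row-operation form of it and the λ, μ of Lemma 0.52, as an added Python example (this is not code from the notes; the function names are my own, and the sample pair (9108, 1121) is the one from Example 0.51). `extended_euclid` performs exactly the row operations on [[1, 0 | m], [0, 1 | n]] shown above, and `inverse_mod` is the use of Lemma 0.52 that Lemma 0.54 below rests on.

```python
"""Euclid's Algorithm, its matrix (row-operation) form, and the resulting modular inverse.
Added example; the function names are mine and (9108, 1121) is the pair from the notes."""


def euclid_steps(m, n):
    """Return (hcf, steps) for positive integers m, n.

    steps lists the Division Algorithm steps (a, q, b, r) with a = q*b + r and 0 <= r < b;
    the last nonzero remainder is hcf(m, n) (Definition 0.50).
    """
    steps = []
    a, b = m, n
    while b != 0:
        q, r = divmod(a, b)
        steps.append((a, q, b, r))
        a, b = b, r
    return a, steps


def extended_euclid(m, n):
    """Row operations on the augmented matrix [[1, 0 | m], [0, 1 | n]].

    Every row stays of the form (lam, mu | lam*m + mu*n), so when one third entry
    reaches 0 the other row reads (lam, mu | hcf(m, n)), which is Lemma 0.52.
    Returns (lam, mu, h) with lam*m + mu*n == h == hcf(m, n).
    """
    r1 = [1, 0, m]
    r2 = [0, 1, n]
    while r1[2] != 0 and r2[2] != 0:
        if r1[2] >= r2[2]:
            q = r1[2] // r2[2]
            r1 = [x - q * y for x, y in zip(r1, r2)]   # R1 <- R1 - q*R2
        else:
            q = r2[2] // r1[2]
            r2 = [x - q * y for x, y in zip(r2, r1)]   # R2 <- R2 - q*R1
    lam, mu, h = r2 if r1[2] == 0 else r1
    return lam, mu, h


def inverse_mod(a, n):
    """The lambda of Lemma 0.54: lam*a ≡ 1 (mod n), reduced to 0..n-1; None unless hcf(a, n) = 1."""
    lam, _, h = extended_euclid(a, n)
    return lam % n if h == 1 else None


if __name__ == "__main__":
    print(euclid_steps(9108, 1121))      # (1, [(9108, 8, 1121, 140), (1121, 8, 140, 1), (140, 140, 1, 0)])
    print(extended_euclid(9108, 1121))   # (-8, 65, 1)
    print(inverse_mod(140, 1121))        # 1113, since 1 = 1121 - 8*140 gives -8 ≡ 1113 (mod 1121)
```

The third column of the matrix is the only place where a remainder ever appears, so the loop stops exactly when Euclid's Algorithm would; the first two columns carry the coefficients that "reversing the steps" recovers by hand.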

Definition 0.53. Let a, b, m ∈ Z. We say that a ≡ b (mod m) ['a is congruent to b 
modulo m'] when m | (a − b). 

For example, 2 ≡ 12 (mod 5), since 5 | (2 − 12). It is straightforward to show that, if 
a ≡ b (mod m) and c ≡ d (mod m), then 

a + c ≡ b + d, a − c ≡ b − d, ac ≡ bd, a^n ≡ b^n, ka ≡ kb (mod m), 

for any k ∈ Z and any n ∈ Z, n ≥ 0. So, congruences in most ways can be manipulated like 
standard equations. An exception is cancellation: ka ≡ kb (mod m) does not always imply 
that a ≡ b (mod m); for example 2·4 ≡ 2·1 (mod 6) even though 4 ≢ 1 (mod 6). However, 
the implication is always true when k and m are coprime. 

Lemma 0.54. If hcf(m, n) = 1 then there exists λ ∈ Z such that λm ≡ 1 (mod n). In 
particular, if p is prime and p ∤ m then there exists λ ∈ Z such that λm ≡ 1 (mod p). 

Proof. We know from Lemma 0.52 that there exist λ, μ such that λm + μn = hcf(m, n) = 1. 
Reducing modulo n immediately gives the required result. □ 

Corollary 0.55. For any m ∈ N, the set {x : 1 ≤ x ≤ m, hcf(x, m) = 1} is a group 
under multiplication modulo m. In particular, for any prime p, the set {1, 2, ..., p − 1} is a 
group under multiplication modulo p. 

Letting G = {1, 2, ..., p − 1}, we can apply Corollary 0.37 to obtain the following. 

Theorem 0.56. (Fermat's Little Theorem). Let p be prime. If p ∤ a then a^(p−1) ≡ 1 (mod p). 

As a consequence, a^p ≡ a (mod p) for all a, regardless of whether p | a or p ∤ a. 
The following result is useful for solving simultaneous congruences. 

Theorem 0.57. [Chinese Remainder Theorem (for congruences)] Let n1, ..., nk ∈ Z be 
pairwise coprime (that is, hcf(ni, nj) = 1 whenever i ≠ j). Let a1, ..., ak ∈ Z. Then there 
exists x ∈ Z which is a solution to the system of simultaneous congruences 

x ≡ a1 (mod n1), x ≡ a2 (mod n2), ..., x ≡ ak (mod nk) 

and this solution is unique modulo N = n1 n2 ... nk. 

In order to prove this, one defines Ni = N/ni (which is the product of all of n1, ..., nk, 
except with ni removed from the product). Then hcf(Ni, ni) = 1, so that there exist 
λi, μi ∈ Z such that λi Ni + μi ni = 1, and so λi Ni ≡ 1 (mod ni). Then one can easily check 
that x = Σ_{i=1}^{k} λi Ni ai is a solution to the above system. If also y were a solution, then 
x ≡ y (mod ni) and so ni | (x − y) for all i; since n1, ..., nk are pairwise coprime, this gives 
N = n1 n2 ... nk | (x − y), so that x ≡ y (mod N); in other words, x is unique mod N, as 
required. 
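The constructive proof above, carried out in Python as an added example (not code from the notes; the function names and the sample system are mine). `crt` builds x = Σ λi Ni ai exactly as in the proof, obtaining λi from Python's built-in modular inverse (`pow(N_i, -1, n_i)`, which does the extended-Euclid work of Lemma 0.54), and `solutions_by_search` checks the uniqueness claim by exhaustion.

```python
"""The Chinese Remainder Theorem, following the constructive proof in the notes.
Added example; the sample system in the usage code is constructed."""
from math import gcd, prod


def crt(residues, moduli):
    """Solve x ≡ a_i (mod n_i) for pairwise coprime moduli n_i.

    With N = n_1 ... n_k and N_i = N / n_i, Lemma 0.54 gives lam_i with
    lam_i * N_i ≡ 1 (mod n_i); then x = sum(lam_i * N_i * a_i) solves the system
    and is unique mod N.  Returns (x mod N, N).
    """
    for i, n_i in enumerate(moduli):
        for n_j in moduli[i + 1:]:
            if gcd(n_i, n_j) != 1:
                raise ValueError(f"moduli {n_i} and {n_j} are not coprime")
    N = prod(moduli)
    x = 0
    for a_i, n_i in zip(residues, moduli):
        N_i = N // n_i
        lam_i = pow(N_i, -1, n_i)      # exists because hcf(N_i, n_i) = 1
        x += lam_i * N_i * a_i         # this term is ≡ a_i (mod n_i) and ≡ 0 (mod n_j), j != i
    return x % N, N


def solutions_by_search(residues, moduli):
    """All x in 0..N-1 satisfying every congruence, by brute force (to confirm uniqueness)."""
    N = prod(moduli)
    return [x for x in range(N)
            if all(x % n_i == a_i % n_i for a_i, n_i in zip(residues, moduli))]


if __name__ == "__main__":
    # Constructed system: x ≡ 2 (mod 3), x ≡ 3 (mod 5), x ≡ 2 (mod 7)
    print(crt([2, 3, 2], [3, 5, 7]))                  # (23, 105)
    print(solutions_by_search([2, 3, 2], [3, 5, 7]))  # [23]
```

The coprimality check matters: without it `pow(N_i, -1, n_i)` raises, but a system such as x ≡ 1 (mod 4), x ≡ 2 (mod 6) can also be simply inconsistent, so the function refuses such input rather than returning a meaningless value.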

Another natural problem in Number Theory is that of trying to decide when one number 
is congruent to a square modulo a prime. 

Definition 0.58. Let p be prime and m ∈ Z. We say that m is a quadratic residue mod p 
if there exists x ∈ Z such that m ≡ x² (mod p). Otherwise m is a quadratic non-residue 
mod p. 

For example, consider what happens modulo p = 5. Every number is congruent to one 
of 0, 1, 2, 3 or 4 (mod 5) [which are the same as 0, 1, 2, −2, −1 (mod 5)]. Now: 0² = 0, 1² = 
1, 2² = 4, 3² = (−2)² = 4, 4² = (−1)² = 1 (mod 5). So, 0, 1, 4 are quadratic residues mod 5, 
but 2, 3 are not. 

Lemma 0.59. For any prime p ≠ 2, let Z_p = {0, 1, ..., p − 1}, with addition and multiplication 
mod p, and let Z_p* = {1, ..., p − 1}, the nonzero elements of Z_p. Then the map ψ : Z_p* → Z_p* : 
x ↦ x² is a 2-to-1 map [2 elements map to 1 element], with ψ(x) = ψ(p − x), or equivalently 
ψ(x) = ψ(−x) [since (p − x)² ≡ (−x)² ≡ x² (mod p)]. So exactly half of {1, ..., p − 1} are 
quadratic residues mod p and half are quadratic non-residues mod p. 

Definition 0.60. For prime p and p ∤ m, define the Legendre symbol (m/p) by: 

$$\left(\frac{m}{p}\right) = \begin{cases} 1 & \text{if } m \text{ is a quadratic residue mod } p, \\ -1 & \text{otherwise.} \end{cases}$$

When p | m, we normally define (m/p) = 0. 

For example, we have already seen that (3/5) = −1. Also, (7/5) = (2/5) = −1, since 7 and 2 
are congruent (mod 5). Similarly, (^) = (^) = 1 and (^) = 0. 

Lemma 0.61. Let p be an odd prime and let p ∤ m, n, m1, m2. 

(a) If m1 ≡ m2 (mod p) then (m1/p) = (m2/p). 

(b) (mn/p) = (m/p)(n/p); which is the same as saying: 

mn is a quadratic residue mod p ⟺ either (m and n are both quadratic residues mod p) 

or (m and n are both quadratic non-residues mod p). 

(c) (−1/p) = 1 ⟺ p ≡ 1 (mod 4) or p = 2. (−1/p) = −1 ⟺ p ≡ 3 (mod 4). 

(d) (2/p) = 1 ⟺ p ≡ ±1 (mod 8). (2/p) = −1 ⟺ p ≡ ±3 (mod 8). 

Theorem 0.62. (Gauss' Law of Quadratic Reciprocity). Let p ≠ 2, q ≠ 2 be distinct primes. 
If either p ≡ 1 (mod 4) or q ≡ 1 (mod 4) then (p/q) = (q/p). 
If both p ≡ 3 (mod 4) and q ≡ 3 (mod 4) then (p/q) = −(q/p). 

Example 0.63. Let us decide whether 6 is a quadratic residue mod 1019 [which is prime], 
using applications of quadratic reciprocity. 

(6/1019) = (2/1019)(3/1019) = (−1)(3/1019) [by Lemma 0.61(d), since 1019 ≡ 3 (mod 8)] 

= (−1)(−1)(1019/3) [by quadratic reciprocity, since both 1019 and 3 are ≡ 3 (mod 4)] 

= (1019/3) = (2/3) = −1 [by Lemma 0.61(a), since 1019 ≡ 2 (mod 3), and 2 is not a square mod 3], 

establishing that 6 is a quadratic non-residue mod 1019 [and so there does not exist an 
integer x such that 6 ≡ x² (mod 1019)], in a way much quicker than checking that none of 
0², 1², ..., 1018² are congruent to 6 (mod 1019). 

Quadratic reciprocity also gives a quick way, for any given integer n, of describing all 
primes p such that n is a quadratic residue mod p. 

Example 0.64. Let us describe the primes p for which 3 is a quadratic residue mod p. First 
note that 3 is a quadratic residue mod 2 and mod 3, so it remains to consider p > 3. For 
p > 3, p is divisible by neither 2 nor 3, and so p ≡ 1 or 3 (mod 4) and p ≡ 1 or 2 (mod 3). 
When we apply quadratic reciprocity to go from (3/p) to (p/3), the cases p ≡ 1 or 3 (mod 4) will 
determine whether a negative sign is introduced. Then the value of (p/3) will be determined 
by whether p ≡ 1 or 2 (mod 3). So, it is natural to see what happens in each of the following 
four cases. 

Case 1: p ≡ 1 (mod 4) and p ≡ 1 (mod 3) [which is the same as: p ≡ 1 (mod 12)]. In this 
case: (3/p) = (p/3) [by quadratic reciprocity] = (1/3) [since p ≡ 1 (mod 3)] = 1. 

Case 2: p ≡ 1 (mod 4) and p ≡ 2 (mod 3) [which is the same as: p ≡ 5 (mod 12)]. In this 
case: (3/p) = (p/3) = (2/3) = −1. 

Case 3: p ≡ 3 (mod 4) and p ≡ 1 (mod 3) [which is the same as: p ≡ 7 (mod 12)]. In this 
case: (3/p) = −(p/3) = −(1/3) = −1. 

Case 4: p ≡ 3 (mod 4) and p ≡ 2 (mod 3) [which is the same as: p ≡ 11 (mod 12)]. In this 
case: (3/p) = −(p/3) = −(2/3) = −(−1) = 1. 

To summarise: 3 is a quadratic residue mod p ⟺ p = 2, p = 3 or p ≡ 1, 11 (mod 12). 
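Examples 0.63 and 0.64 computed mechanically, as an added Python example (not code from the notes; the function names are my own). `legendre` uses only Lemma 0.61(a), (b), (d) and Theorem 0.62, so it needs the prime factorisation of the numerator, which is how the notes proceed; `legendre_by_definition` evaluates the symbol straight from Definitions 0.58 and 0.60 so that the two can be compared, and the last two functions check Lemma 0.59 and the summary of Example 0.64 numerically.

```python
"""Legendre symbols by Lemma 0.61 and quadratic reciprocity, checked against the definition.
Added example; the function names are mine."""


def is_prime(n):
    """Trial division; enough for the small moduli used here."""
    return n >= 2 and all(n % d for d in range(2, int(n ** 0.5) + 1))


def prime_factors(n):
    """Prime factors of n >= 1 with multiplicity, by trial division."""
    factors, d = [], 2
    while d * d <= n:
        while n % d == 0:
            factors.append(d)
            n //= d
        d += 1
    if n > 1:
        factors.append(n)
    return factors


def legendre_by_definition(m, p):
    """(m/p) straight from the definition: look for x with x^2 ≡ m (mod p)."""
    m %= p
    if m == 0:
        return 0
    return 1 if any(x * x % p == m for x in range(1, p)) else -1


def legendre(m, p):
    """(m/p) for an odd prime p, using only Lemma 0.61(a),(b),(d) and Theorem 0.62.

    The numerator is reduced mod p (a) and split into prime factors (b); the factor 2 is
    handled by (d), and each odd prime factor q < p is flipped to (p/q) by reciprocity,
    which shrinks the modulus, so the recursion terminates.
    """
    m %= p                                       # Lemma 0.61(a)
    if m == 0:
        return 0
    result = 1
    for q in prime_factors(m):                   # Lemma 0.61(b): multiplicative in m
        if q == 2:                               # Lemma 0.61(d)
            result *= 1 if p % 8 in (1, 7) else -1
        else:                                    # Theorem 0.62, with q an odd prime, q < p
            sign = -1 if (p % 4 == 3 and q % 4 == 3) else 1
            result *= sign * legendre(p, q)
    return result


def residue_count(p):
    """Lemma 0.59: exactly (p-1)/2 of 1..p-1 are quadratic residues mod an odd prime p."""
    return sum(1 for m in range(1, p) if legendre_by_definition(m, p) == 1)


def primes_where_3_is_residue(limit):
    """Example 0.64 checked numerically: primes p with 3 < p < limit and (3/p) = 1."""
    return [p for p in range(5, limit) if is_prime(p) and legendre(3, p) == 1]


if __name__ == "__main__":
    print(legendre(6, 1019), legendre_by_definition(6, 1019))   # -1 -1  (Example 0.63)
    print(primes_where_3_is_residue(100))   # [11, 13, 23, 37, 47, 59, 61, 71, 73, 83, 97], all ≡ ±1 (mod 12)
```

The recursion mirrors the hand computation: (6/1019) becomes (2/1019)(3/1019), the first factor is read off from 1019 mod 8, and the second flips to (1019/3) = (2/3) because both primes are 3 mod 4.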

Rings 

There are many situations where we have two operations on the same set, for example Z 
with both addition and multiplication. 

Definition 0.65. Let R have two binary operations +, ×. R is a ring (with 1) if: 
R is a commutative group under + with identity 0. 

There exists an element 1 (≠ 0) such that, for all r ∈ R, 1 × r = r × 1 = r. 
For all r, s, t ∈ R, (r × s) × t = r × (s × t) [associativity of multiplication]. 
For all r, s, t ∈ R, r × (s + t) = r × s + r × t, (s + t) × r = s × r + t × r [left and right 
distributivity]. 

Note that, for any ring, addition is always commutative, but multiplication need not be 
commutative. When multiplication is commutative [that is, r × s = s × r for all r, s ∈ R] we 
say that R is a commutative ring. 
Examples 0.66. 

(a) Z, +, × is a commutative ring. 

(b) For any ring R, define R[x] = {polynomials in x with coefficients in R}, which is also 
a ring, with the usual addition and multiplication of polynomials. Also define the ring 
R[[x]] = {power series in x with coefficients in R}. The same is true when there are several 
variables, for example: R[x, y], R[[x, y]]. 

(c) Let G, + be any commutative group. Let End(G) = {φ : φ is an endomorphism on G}. 
Then End(G) is a ring, with operations: (φ1 + φ2)(g) = φ1(g) + φ2(g) [defining ring addition 
φ1 + φ2], and with ring multiplication given by φ1 ∘ φ2 [composition]. This is the 
endomorphism ring of the group G. 

(d) M2(Z) = {2×2 matrices with integer entries} is a non-commutative ring, with '0' given 
by the zero matrix $\begin{pmatrix} 0 & 0 \\ 0 & 0 \end{pmatrix}$ and '1' given by the identity matrix $\begin{pmatrix} 1 & 0 \\ 0 & 1 \end{pmatrix}$. 

(e) The set {0, ..., n − 1} under addition and multiplication modulo n is a commutative 
ring. 

Definition 0.67. Let R, S be rings. Define the ring R × S = {(r, s) : r ∈ R, s ∈ S} with + 
and × on R × S defined by: 

(r1, s1) + (r2, s2) = (r1 +_R r2, s1 +_S s2), (r1, s1) × (r2, s2) = (r1 ×_R r2, s1 ×_S s2), where 
+_R, +_S denote addition in R, S, respectively, and where ×_R, ×_S denote multiplication in 
R, S, respectively. 

Definition 0.68. A commutative ring R is an integral domain if, for all r, s ∈ R, 

rs = 0 ⟹ (r = 0 or s = 0). 

For example, Z and Z[[x]] are integral domains, but M2(Z) is not, since 
$\begin{pmatrix} 0 & 0 \\ 0 & 1 \end{pmatrix} \begin{pmatrix} 0 & 1 \\ 0 & 0 \end{pmatrix} = \begin{pmatrix} 0 & 0 \\ 0 & 0 \end{pmatrix}$. 

Definition 0.69. Let R, S be rings. A function φ : R → S is a ring homomorphism if, 
for all r1, r2 ∈ R, φ(r1 + r2) = φ(r1) + φ(r2) and φ(r1 × r2) = φ(r1) × φ(r2). Define the 
kernel as ker φ = {r ∈ R : φ(r) = 0} and the image as im φ = {φ(r) : r ∈ R}. If φ is also 
injective then φ is a monomorphism (or embedding). If φ is also a bijection, then φ is a ring 
isomorphism. 

If there exists an isomorphism from R to S, then R and S are isomorphic, denoted R ≅ S. 

The equivalent idea for rings to that of normal subgroups is as follows. 

Definition 0.70. An ideal of a ring R is a subset I ⊂ R satisfying: 
I, + is a subgroup of R, +. 

For all r ∈ R, a ∈ I we have r × a ∈ I and a × r ∈ I. 
We sometimes use I ◁ R to denote that I is an ideal of R. 

This last condition can be phrased as: 'the product of anything in the ring with anything 
in the ideal must be in the ideal'. Note that 1 ∈ I ⟺ I = R. If I ≠ R then I is 
a proper ideal. If I is a proper ideal and is not contained in a larger proper ideal, then I 
is a maximal ideal. We say that J is a prime ideal if it is a proper ideal and: for all a, b ∈ R, 
if ab ∈ J then a ∈ J or b ∈ J. Given any a1, ..., an ∈ R, we use (a1, ..., an) to denote 
{r1 a1 + ... + rn an : ri ∈ R}, which is the ideal generated by a1, ..., an. An ideal generated 
by one element a, namely an ideal which can be written in the form (a) = {ra : r ∈ R}, is 
called a principal ideal. 

Given two ideals I, J of R, the intersection I ∩ J is an ideal of R; we define I + J = 
{a + b : a ∈ I, b ∈ J}, which is also an ideal of R. We have to be more careful with IJ, since 
{ab : a ∈ I, b ∈ J} is not always an ideal, so we instead define IJ to be the ideal generated 
by these products, that is to say, we define IJ = {Σ_{j=1}^{k} a_j b_j : a_j ∈ I, b_j ∈ J, k ≥ 1}, which is 
an ideal of R. Note that always IJ ⊂ I ∩ J ⊂ I, J ⊂ I + J. 

Definition 0.71. Let I be an ideal of a ring R; define the quotient ring R/I = {r + I : r ∈ R}, 
under the operations (r1 + I) + (r2 + I) = (r1 + r2) + I and (r1 + I) × (r2 + I) = (r1 × r2) + I. 

Note that I is an ideal if and only if it occurs as the kernel of a ring homomorphism from R 
to some ring. 

Lemma 0.72. Let R be a commutative ring. Then I is a prime ideal of R if and only if 
R/I is an integral domain. 

For example, xZ[x] [the polynomials with constant term 0] is an ideal of the ring Z[x] 
(and it is the principal ideal (x)). It is a prime ideal, so that Z[x]/(x) must be an integral 
domain. It is the kernel of the ring homomorphism from Z[x] to Z, defined by p(x) ↦ p(0). 
Furthermore: Z[x]/xZ[x] ≅ Z. Similarly, for any fixed n, clearly nZ is an ideal of the ring Z 
(and is the principal ideal (n)); the ring of Example 0.66(e) is just the quotient ring Z/nZ. 
Note that nZ is a prime ideal if and only if n is prime. Hence Z/nZ (which is just the ring 
{0, ..., n − 1} under addition and multiplication modulo n) is an integral domain if and only 
if n is prime. 

Warning. An ideal can still be principal even if it is not initially expressed in terms of one 
generator. For example, consider the ideal I = (4, 6), which is (by definition) the ideal 
of Z generated by 4 and 6, so that I = (4, 6) = {4r1 + 6r2 : r1, r2 ∈ Z}. Note that 
2 = 4 × (−1) + 6 × 1 ∈ I so that any 2 × r ∈ I and so: (2) ⊂ I. Also any 4r1 + 6r2 ∈ I can 
be written as 2(2r1 + 3r2) ∈ (2). Hence I = (2). So, I = (4, 6) is a principal ideal, since it 
can also be written as (2). 

Rings have isomorphism theorems similar to those for groups (and the proofs are similar). 

Theorem 0.73. [First Isomorphism Theorem for Rings] Let R, S be rings and φ : R → S 
be a ring homomorphism. Then ker φ ◁ R, im φ is a subring of S and R/ker φ ≅ im φ. In 
particular, if φ is surjective then R/ker φ ≅ S. 

Theorem 0.74. [Second Isomorphism Theorem for Rings] Let R be a ring, S be a subring 
of R and I ◁ R. Then S + I = {s + i : s ∈ S, i ∈ I} is a subring of R, S ∩ I ◁ S and 

(S + I)/I ≅ S/(S ∩ I). 

Theorem 0.75. [Third Isomorphism Theorem for Rings] Let R be a ring and let I, J ◁ R 
with I ⊂ J ⊂ R. Then J/I ◁ R/I and (R/I)/(J/I) ≅ R/J. 

Definition 0.76. Let R be a ring. If there exists an integer n ≥ 1 such that 1 + 1 + ... + 1 
[n times] = 0, then the smallest such n is the characteristic of R. If no such n exists, then R 
is said to have characteristic 0. 

For example, Z/nZ has characteristic n, whereas Z, Q, C all have characteristic 0. 

Suppose that I is a maximal ideal of some commutative ring R. Imagine it were not a 
prime ideal, so that there exist r, s ∈ R such that rs ∈ I but r, s ∉ I. Define (I, r) = 
{a + rt : a ∈ I, t ∈ R} and (I, s) = {a + st : a ∈ I, t ∈ R}. Clearly I ⊂ (I, r) and I ≠ (I, r) 
(since r ∈ (I, r) and r ∉ I), so that (I, r) = R (since I is maximal); hence (since 1 ∈ R) 
there exist a ∈ I, t ∈ R such that 1 = a + rt. Similarly there exist a' ∈ I, t' ∈ R such that 
1 = a' + st'. Hence 1 = (a + rt)(a' + st') = aa' + ast' + a'rt + rstt' ∈ I, since I is an ideal 
(and since a, a', rs ∈ I). But 1 ∈ I gives, for any r ∈ R, that r = r × 1 ∈ I so that I = R, 
contradicting the maximality of I. This proves the following result. 

Theorem 0.77. Let R be a commutative ring. Every maximal ideal of R is a prime ideal 
of R. 

The converse is false; for example, (x) = xZ[x] is a prime ideal of the ring Z[x] but it is not 
a maximal ideal since, for example, (x) ⊂ (2, x) ⊂ Z[x] (all of which are strict inclusions), 
where (2, x) is the ideal generated by 2 and x (which is the set of all polynomials in Z[x] 
with even constant term). 

Definition 0.78. Two ideals I, J of a ring R are coprime if I + J = R. 

For example, the ideals mZ and nZ of the ring Z are coprime ideals exactly when m, n are 
coprime integers, that is, when hcf(m, n) = 1. To see this, note that, when hcf(m, n) = 1, 
there exist λ, μ ∈ Z such that λm + μn = 1 and so 1 = λm + μn ∈ mZ + nZ and so 
mZ + nZ = Z. If hcf(m, n) = d > 1 then clearly mZ + nZ ⊂ dZ ≠ Z. 

Theorem 0.79. [Chinese Remainder Theorem (for rings)] Let R be a commutative ring and 
let I1, ..., Ik be ideals of R which are pairwise coprime (that is, Ii + Ij = R whenever i ≠ j). 
Let I = I1 ∩ I2 ∩ ... ∩ Ik. Then I = I1 I2 ··· Ik (the product equals the intersection) and 
R/I ≅ R/I1 × ... × R/Ik under the natural isomorphism φ : R/I → R/I1 × ... × R/Ik given 
by φ(x + I) = (x + I1, ..., x + Ik). 

The earlier Chinese Remainder Theorem (for congruences) is a special case of this. Suppose 
that we have the system 

x ≡ a1 (mod n1), x ≡ a2 (mod n2), ..., x ≡ ak (mod nk), 

with n1, ..., nk pairwise coprime integers, and let N = n1 n2 ··· nk. Then n1Z, ..., nkZ 
are pairwise coprime ideals of the ring Z and the Chinese Remainder Theorem (for rings) 
tells us that I = n1Z ∩ n2Z ∩ ... ∩ nkZ = n1Z n2Z ··· nkZ = NZ and that φ : Z/NZ → 
Z/n1Z × ... × Z/nkZ, given by φ(x + NZ) = (x + n1Z, ..., x + nkZ), is an isomorphism. 
Hence there is a unique x + NZ ∈ Z/NZ which maps to (a1 + n1Z, ..., ak + nkZ), which is 
precisely the same as saying that there is a unique solution (mod N) to the above system 
of congruences. 

Now, let R be any commutative ring and I ◁ R. If J ◁ R and I ⊂ J ⊂ R then J/I ◁ R/I 
and so the map φ : J ↦ J/I gives a map from the set {J : J ◁ R and I ⊂ J ⊂ R} to the 
set {V : V ◁ R/I}. In the reverse direction, if V ◁ R/I then {r ∈ R : r + I ∈ V} ◁ R. It 
can be shown that the map ψ : V ↦ {r ∈ R : r + I ∈ V} is the inverse of φ, which gives the 
following result. 

Theorem 0.80. Let R be a commutative ring and let I ◁ R. Then there is a 1-1 correspondence 
between the set of ideals of R containing I and the set of ideals of R/I. 

It can also be shown that primality is preserved, and so there is also a 1-1 correspondence 
between the set of prime ideals of R containing I and the set of prime ideals of R/I. 

Definition 0.81. Let R be a commutative ring. We say that a | b (a divides b) in R if there 
exists c ∈ R such that b = ac. The element u ∈ R is a unit if u | 1, that is, if there exists v ∈ R 
such that uv = 1. We say that a, b are associates if there exists a unit u such that b = au. 
An element d ∈ R is called a highest common factor of a, b if d | a, d | b and if, for any c ∈ R, 
(c | a, c | b) ⟹ c | d. Note that, for a general commutative ring and general elements a, b, 
there might not even exist such an element d (when such an element does exist, it is clearly 
unique up to multiplication by units). A non-zero non-unit element p ∈ R is irreducible if, 
for any a, b ∈ R, p = ab ⟹ a or b is a unit. A non-zero non-unit element p ∈ R is prime 
if, for any a, b ∈ R, p | ab ⟹ p | a or p | b. 

If p is prime then by induction, p | a1 a2 ... an ⟹ p | ai for some i. 

Warning: the definition of prime (in Z) which you were given in school is actually the 
definition of irreducible! In any case, as we shall see, primes and irreducibles in Z turn out 
to be the same. 

It is easy to show that, in any integral domain, every prime element must be irreducible, 
but the converse is false; for example, in the ring Z[√−5] the element 2 is irreducible but 
not prime (since 2 | (1 + √−5)(1 − √−5) even though 2 ∤ 1 + √−5 and 2 ∤ 1 − √−5). 

One of the central problems in ring theory is to determine whether or not a given ring has 
unique factorisation into irreducibles. If one thinks for a moment how to show this for Z, a 
quick summary of one line of argument is as follows. First (by induction) prove the Division 
Algorithm that, for any a, b ∈ Z, there exist q, r ∈ Z such that a = qb + r and |r| < |b|. 
Now let 0 ≠ I ◁ Z, and let d be the smallest positive member of I; then I = (d) (otherwise 
the Division Algorithm would give a smaller positive member of I). Hence every ideal of Z 
is a principal ideal. For any m, n ∈ Z, the ideal (m, n) = mZ + nZ must be principal, say 
that mZ + nZ = cZ; it is easy to show that c is a highest common factor of m, n and that 
there exist λ, μ ∈ Z such that λm + μn = c. Suppose that p ∈ Z is irreducible. Assume p | ab 
and p ∤ a; let c be a highest common factor of p, a (which we have just shown exists); then c 
must be a unit, and we can take c = 1, so there exist λ, μ ∈ Z such that λp + μa = 1, and 
so: λpb + μab = b. Then p | LHS and so p | b, proving that p is prime. Hence, in the ring Z, 
primes and irreducibles are the same. 

Imagine there exists n ∈ Z which cannot be factored as a product of a finite number of 
irreducibles. Then we can write n = n1 a1, n1 = n2 a2, ..., say, where none of the ni, ai are 
units, and so we can find an infinite sequence n1, n2, ... such that each n_{i+1} | n_i and n_i ∤ n_{i+1}. 
This gives a chain of ideals: n1Z ⊂ n2Z ⊂ ..., where each n_iZ ≠ n_{i+1}Z. Let I = ∪_{i≥1} n_iZ, 
which can easily be shown to be an ideal of Z; since all ideals of Z are principal, there must 
exist m ∈ Z such that I = mZ and furthermore m ∈ n_{i0}Z, for some i0. It is then quick 
to show that n_{i0}Z = n_{i0+1}Z = ..., a contradiction. Hence every n ∈ Z can be factored as a 
product of a finite number of irreducibles. 

Imagine such factorisations were not always unique and that there exists p1 p2 ... pr = 
ν1 ν2 ... νs, where all pi, νj are irreducible and where the RHS cannot be obtained from the 
LHS merely by reordering and replacing elements with associates. Amongst all such non-unique 
factorisations, consider one such for which r + s is minimal. We have already seen 
that all irreducibles are prime, so that p1 is prime. Furthermore, p1 | ν1 ν2 ... νs, so that p1 | νj 
for some j; without loss of generality, say that p1 | ν1. It follows that p1, ν1 are associates. On 
cancelling p1 from both sides, one has a new example of non-unique factorisation, but with 
a smaller value of r + s, a contradiction. Hence factorisation is unique. 

It should be confessed here that the above is a rather convoluted approach simply for 
showing that Z has unique factorisation and there are a number of shortcuts available which 
work for Z. For example, Euclid's Algorithm (and reversing the steps of Euclid's Algorithm) 
gives the existence of hcf(m, n) and the fact that it can be written as λm + μn. Furthermore 
the mere existence of a factorisation into a product of a finite number of irreducibles can be 
proved (for Z) by induction. However, it is the above style of argument which is amenable 
to generalisation to a wider class of rings. 

In the above, the Division Algorithm allowed us to deduce that all ideals in Z are principal, 
which in turn allowed us to deduce unique factorisation (and there was a step which involved 
cancelling a nonzero element from both sides of an equation, which used the fact that Z is 
an integral domain). So, it seems reasonable to define a natural generalisation of the Division 
Algorithm which might apply to a wider class of rings. 

Definition 0.82. Let R be an integral domain. R is a Euclidean domain (ED) if and only 
if there exists a function (a Euclidean function) d : R\{0} → N ∪ {0} such that 

(i) For all a, b ∈ R with b ≠ 0, there exist q, r ∈ R such that a = qb + r and either r = 0 
or d(r) < d(b). 

(ii) For all nonzero a, b ∈ R, d(a) ≤ d(ab). 

Definition 0.83. Let R be an integral domain. R is a principal ideal domain (PID) if and 
only if every ideal is principal (that is, every ideal is of the form (γ) = {rγ : r ∈ R}). 

Definition 0.84. Let R be an integral domain. R is a unique factorisation domain (UFD) 
if and only if for all non-zero and non-unit α ∈ R there exist irreducible β1, ..., βn ∈ R such 
that 

(i) α = β1 ··· βn 

(ii) If α = γ1 ··· γm with irreducible γi, then m = n and there exists a permutation σ of 
{1, ..., n} such that βi and γ_σ(i) are associates. 

The following theorem is proved by imitating the argument given above for Z. 

Theorem 0.85. ED ⟹ PID ⟹ UFD. 

Example 0.86. As we have seen, Z has Euclidean function d(n) = |n|. Similarly, it can be 
shown that d(a + bi) = a² + b² is a Euclidean function on the ring Z[i] = {a + bi : a, b ∈ Z}. It 
can also be shown that d(p(x)) = degree(p(x)) is a Euclidean function on Q[x] and indeed on 
any K[x], where K is any field (see below for the definition of field); this uses the polynomial 
division algorithm (giving a remainder polynomial with strictly smaller degree). So, all of 
Z, Z[i], Q[x], K[x] (for any field K) are examples of EDs (and so also PIDs and UFDs). 

Note however that Z[x] is not an ED (the polynomial division algorithm does not work 
here; try, for example, dividing 2x + 3 into 3x² + 7, while using only elements of Z[x]). 
Indeed one can prove that it is not an ED by showing that it is not a PID: consider the 
ideal generated by 2, x, namely: (2, x) = {2f(x) + xg(x) : f(x), g(x) ∈ Z[x]} (the set of 
polynomials in Z[x] with even constant term); this can be shown not to be a principal ideal. 
On the other hand, Z[x] is still a UFD. 

The ring Z[√−5] is not even a UFD, as we can see from 6 = 2·3 = (1 + √−5)(1 − √−5); one 
can check that 2, 3, 1 + √−5, 1 − √−5 are all irreducible and no two of them are associates. 

Fields 

Definition 0.87. Let K have two binary operations +, ×. K is a field if: 
K is an Abelian group under + with identity 0, 

The nonzero elements of K form an Abelian group under × with identity 1, 
For all a, b, c ∈ K, a × (b + c) = a × b + a × c [distributivity]. 

Equivalently, we could define a field to be a commutative ring for which every nonzero 
element has a multiplicative inverse. 

Theorem 0.88. Let R be a finite integral domain. Then R is a field. 

Proof. Let R = {r1, ..., rn} be the distinct elements of R. It is sufficient to show that all 
nonzero elements have multiplicative inverses. Let a ∈ R be nonzero. Consider the set 
{ar1, ..., arn}. Note that: ari = arj ⟹ a(ri − rj) = 0 ⟹ ri − rj = 0 (since a ≠ 0 and 
R is an integral domain), which is only possible when i = j (since r1, ..., rn are distinct). 
Hence ar1, ..., arn are distinct; there are n of these, so they must give all n elements of R 
by the pigeonhole principle. Since 1 ∈ R there must exist ri ∈ R such that ari = 1, and so a 
has a multiplicative inverse, as required. □ 
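The proof of Theorem 0.88 carried out on R = Z/nZ, as an added Python example (not code from the notes; the function names are my own). It also checks the remark after Lemma 0.72 that Z/nZ is an integral domain exactly when n is prime: `zero_divisors` finds the pairs that break Definition 0.68, and `inverses_by_pigeonhole` forms the row {ar1, ..., arn} for each nonzero a, observes whether its n entries are distinct, and reads a^{-1} off as the r with ar = 1.

```python
"""Z/nZ as a ring: zero divisors, integral domains and the pigeonhole argument of Theorem 0.88.
Added example; the function names are mine."""


def is_prime(n):
    return n >= 2 and all(n % d for d in range(2, int(n ** 0.5) + 1))


def zero_divisors(n):
    """Nonzero a in Z/nZ with a*b ≡ 0 (mod n) for some nonzero b (the failure of Definition 0.68)."""
    return sorted({a for a in range(1, n) for b in range(1, n) if (a * b) % n == 0})


def is_integral_domain(n):
    """Z/nZ is an integral domain iff it has no zero divisors (and n > 1, so that 1 != 0)."""
    return n > 1 and not zero_divisors(n)


def inverses_by_pigeonhole(n):
    """Theorem 0.88 made explicit for R = Z/nZ.

    For each nonzero a, form the row {a*r : r in R}.  In an integral domain the row has
    n distinct entries, so it is all of R and contains 1; the r with a*r = 1 is a^{-1}.
    Returns {a: a^{-1}}, or None as soon as some row collapses (a is then a zero divisor).
    """
    inverses = {}
    for a in range(1, n):
        row = [(a * r) % n for r in range(n)]
        if len(set(row)) != n:
            return None
        inverses[a] = row.index(1)
    return inverses


def is_field(n):
    """Z/nZ is a field iff every nonzero element has a multiplicative inverse (Definition 0.87)."""
    return n > 1 and inverses_by_pigeonhole(n) is not None


if __name__ == "__main__":
    print(zero_divisors(6))           # [2, 3, 4]  (so Z/6Z is not a field, Example 0.89(e))
    print(inverses_by_pigeonhole(7))  # {1: 1, 2: 4, 3: 5, 4: 2, 5: 3, 6: 6}
```

For n = 6 the row of a = 2 is [0, 2, 4, 0, 2, 4]: three entries collide, which is exactly the step of the proof that needs the integral-domain hypothesis.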

Examples 0.89. 

(a) Q, +, × is a field. 

(b) Let Z_p, +, × denote {0, 1, ..., p − 1} under addition and multiplication modulo p, where p 
is prime [this is the same as Z/pZ, +, ×]. This is a field with p elements (a finite field, since 
it has only finitely many elements, as opposed to the infinite field Q). The fact that it is a 
group under addition modulo p is straightforward. The fact that the nonzero elements form 
a group under multiplication modulo p was shown in Corollary 0.55. 

(c) R, C, Q(√2), Q(i) are all fields. By Q(√2) we mean {a + b√2 : a, b ∈ Q}, and similarly 
for Q(i). 

(d) Z, +, × is not a field since the nonzero integers do not form a group under multiplication (for 
example, 3 has no inverse under multiplication). 

(e) Z/6Z = {0, 1, 2, 3, 4, 5} under addition and multiplication modulo 6 is not a field for the 
same reason. 

(f) Let R be any commutative ring. Then M is a maximal ideal of R if and only if the 
quotient R/M is a field. Note that this gives an alternative method for showing that every 
maximal ideal of R is a prime ideal of R, namely: 

M maximal ⟺ R/M is a field ⟹ R/M is an integral domain ⟺ M prime. 

(g) Given any integral domain R, define K = {a/b : a, b ∈ R, b ≠ 0}, where we regard a/b = a'/b' 
when ab' = a'b. This is the field of fractions of R. Addition and multiplication are defined 
as you would expect: a1/b1 + a2/b2 = (a1 b2 + a2 b1)/(b1 b2) and a1/b1 × a2/b2 = (a1 a2)/(b1 b2). More pedantically, you 
could define the field of fractions as {(a, b) : a, b ∈ R, b ≠ 0} modulo the equivalence relation: 
(a, b) ~ (a', b') ⟺ ab' = a'b, with addition and multiplication defined by: (a1, b1) + 
(a2, b2) = (a1 × b2 + a2 × b1, b1 b2) and (a1, b1) × (a2, b2) = (a1 a2, b1 b2). For example, Q is 
the field of fractions of Z. Also, Q(i) is the field of fractions of Z[i]. In general, if R is an 
integral domain and R ⊂ K, where K is a field, and if, for all α ∈ K, there exist a, b ∈ R 
such that α = a/b, then K must be the field of fractions of R. 

(h) For any integral domain R, the field of fractions of R[x] is denoted R(x); it is the field 
of rational functions in x over R, that is, R(x) = {p(x)/q(x) : p(x), q(x) ∈ R[x], q(x) ≠ 0}. Note 
that, if K is the field of fractions of R, then R(x) = K(x). 

Sometimes the field of fractions of an integral domain R (or indeed any field K containing R, 
which must therefore contain the field of fractions of R) can be useful in trying 
to show that R is an ED, particularly when the proposed function d is multiplicative. 

Lemma 0.90. Let R ⊂ K, where R is an integral domain and K is a field. Suppose there 
exists a function d : K → Q, with d(α) = 0 ⟺ α = 0, and restriction d : R → N ∪ {0}, 
with the properties that 

(i) For any γ ∈ K, there exists q ∈ R with d(γ − q) < 1. 

(ii) For all nonzero α, β ∈ K, d(αβ) = d(α)d(β). 
Then d is a Euclidean function on R. 

Proof. For any nonzero a, b ∈ R, d(a), d(b) ∈ N and so d(ab) = d(a)d(b) ≥ d(a), giving 
property (ii) of Definition 0.82. Now let a, b ∈ R with b ≠ 0, and let γ = a/b ∈ K. By 
our assumption, there exists q ∈ R with d(γ − q) < 1, so that d(a/b − q) < 1, and so 
d(a − bq) = d((a/b − q)b) = d(a/b − q)d(b) < d(b). Let r = a − bq ∈ R. Then a = bq + r 
and d(r) < d(b), giving property (i) of Definition 0.82. Hence d is a Euclidean function, as 
required. □ 

Example 0.91. Let K = Q(i) and R = Z[i]. For any α = α1 + α2 i ∈ Q(i) (where 
α1, α2 ∈ Q), define d : Q(i) → Q by d(α1 + α2 i) = (α1 + α2 i)(α1 − α2 i) = α1² + α2². Clearly, 
d : Z[i] → N ∪ {0}, d(α) = 0 ⟺ α = 0, and d(αβ) = d(α)d(β) for any α, β ∈ Q(i). Let 
γ = γ1 + γ2 i ∈ Q(i), where γ1, γ2 ∈ Q. Let q1 be the closest integer to γ1 and let q2 be 
the closest integer to γ2, and put q = q1 + q2 i ∈ Z[i]. Then |γ1 − q1|, |γ2 − q2| ≤ 1/2 (since there is always an integer 
distance at most 1/2 from any real number). Then d(γ − q) = d((γ1 − q1) + (γ2 − q2)i) 
= (γ1 − q1)² + (γ2 − q2)² ≤ (1/2)² + (1/2)² = 1/2 < 1, as required. 
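Division with remainder in Z[i] by the nearest-integer rounding of Example 0.91, and Euclid's Algorithm built on it, as an added Python example (not code from the notes; the representation of a + bi as a pair (a, b), the function names and the sample values are all mine). `gdivmod` computes γ = a/b in Q(i) exactly, rounds each coordinate to the closest integer, and returns q and r = a − qb; `division_property_holds` checks d(r) < d(b), the inequality Lemma 0.90 guarantees, over a grid of small inputs.

```python
"""Division with remainder in Z[i] using the rounding argument of Example 0.91,
and Euclid's Algorithm on top of it.  Added example; Gaussian integers are pairs
(a, b) meaning a + b*i, and the sample values are constructed."""
from fractions import Fraction
from math import floor


def norm(z):
    """The Euclidean function d(a + b i) = a^2 + b^2 of Example 0.86."""
    a, b = z
    return a * a + b * b


def gmul(z, w):
    (a, b), (c, d) = z, w
    return (a * c - b * d, a * d + b * c)


def gsub(z, w):
    return (z[0] - w[0], z[1] - w[1])


def nearest_int(x):
    """An integer q with |x - q| <= 1/2, computed exactly on a Fraction."""
    return floor(x + Fraction(1, 2))


def gdivmod(a, b):
    """Return (q, r) in Z[i] with a = q*b + r and norm(r) < norm(b), for b != 0.

    gamma = a/b is computed in Q(i) as a * conj(b) / norm(b); rounding both
    coordinates gives q with d(gamma - q) <= 1/4 + 1/4 < 1 (Lemma 0.90), hence
    norm(r) = d(gamma - q) * norm(b) < norm(b).
    """
    (a1, a2), (b1, b2) = a, b
    nb = norm(b)
    if nb == 0:
        raise ZeroDivisionError("division by 0 in Z[i]")
    gamma1 = Fraction(a1 * b1 + a2 * b2, nb)   # real part of a * conj(b) / norm(b)
    gamma2 = Fraction(a2 * b1 - a1 * b2, nb)   # imaginary part
    q = (nearest_int(gamma1), nearest_int(gamma2))
    r = gsub(a, gmul(q, b))
    return q, r


def ggcd(a, b):
    """Euclid's Algorithm in Z[i]; the result is a highest common factor, unique up to the units ±1, ±i."""
    while b != (0, 0):
        a, b = b, gdivmod(a, b)[1]
    return a


def division_property_holds(bound):
    """Check a = q*b + r and norm(r) < norm(b) for all a, b with coordinates in -bound..bound."""
    coords = range(-bound, bound + 1)
    for a in ((a1, a2) for a1 in coords for a2 in coords):
        for b in ((b1, b2) for b1 in coords for b2 in coords):
            if b == (0, 0):
                continue
            q, r = gdivmod(a, b)
            if gsub(a, gmul(q, b)) != r or norm(r) >= norm(b):
                return False
    return True


if __name__ == "__main__":
    print(gdivmod((7, 3), (2, 1)))   # ((3, 0), (1, 0)):  7 + 3i = 3(2 + i) + 1
    print(ggcd((5, 0), (2, 1)))      # (2, 1):  5 = (2 + i)(2 - i)
```

Because the remainder is chosen by rounding rather than by floor, d(r) can be as small as d(b)/2 but never reaches d(b); the exhaustive check is the numerical counterpart of the inequality (1/2)² + (1/2)² < 1 above.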

Since fields are special cases of rings, the definitions for field homomorphism, field isomorphism 
and characteristic are exactly as described for rings. An isomorphism from a field to 
itself is an automorphism. 

Definition 0.92. Let K, +, × be a field. Then K* always denotes the group of nonzero 
elements of K under × [for example, Q*, R*, C* are all groups under ×]. 

Definition 0.93. Let K be a field. Any p(x) ∈ K[x] is irreducible if it cannot be written as 
a product of two polynomials in K[x] both of degree ≥ 1. It is monic if the leading coefficient 
[that is, the coefficient of the highest power of x] is 1. Let α be a root of any p(x) ∈ K[x] 
(not necessarily irreducible); then α is algebraic over K. For example, √2 is algebraic over Q, 
since it is a root of x² − 2; on the other hand, is algebraic over R, but can be shown not to 
be algebraic over Q. Given any α, algebraic over K, there always exists a monic m_α(x) ∈ K[x] 
of smallest degree n which has α as a root; this has the property that it is a factor of any 
other member of K[x] which has α as a root. We say that m_α(x) is the minimal polynomial 
of α and that α is algebraic of degree n over K. The set of roots of m_α(x) are the conjugates 
of α over K. A field K is algebraically closed if every polynomial p(x) ∈ K[x] has a 
root in K. 

For example, C is algebraically closed, but Q is not. For any field K (whether algebraically 
closed or not), there exists a field K̄, the algebraic closure of K, which is the smallest 
algebraically closed field containing K. Given α, algebraic of degree n over K, we can form 
the field K(α), which is the smallest subfield of K̄ containing K and α. We say that K(α) is 
the field obtained by adjoining α to K. A similar definition applies for any K(α1, ..., αn). 
A field L is an algebraic extension of K if K ⊂ L and every ℓ ∈ L is algebraic over K; 
otherwise L is a transcendental extension of K. 

Examples 0.94. 

(a) C is the algebraic closure of R. 

(b) The minimal polynomial of i over Q is x² + 1, so that i is algebraic of degree 2 over Q, 
and Q(i) = {a + bi : a, b ∈ Q}. 

Lemma 0.95 (Gauss's Lemma). Let p(t) ∈ Z[t] be irreducible in Z[t]; then it is also irreducible 
in Q[t]. 

Proof. The broad strategy is to imagine p(t) were reducible over Q, with p(t) = g(t)h(t) 
where g(t), h(t) ∈ Q[t], and then show there exists λ ∈ Q, λ ≠ 0, such that λg, λ^{-1}h ∈ Z[t] 
(the existence of such λ is sometimes included in the statement of Gauss' Lemma). □ 
Theorem 0.96 (Eisenstein). Let $f(t) = a_0 + a_1 t + \cdots + a_n t^n \in \mathbb{Z}[t]$. Suppose there exists a 
prime $p$ such that $p$ does not divide $a_n$, but $p$ divides $a_i$ for $i = 0, \ldots, n-1$, and $p^2$ does not 
divide $a_0$. Then, apart from constant factors, $f(t)$ is irreducible over $\mathbb{Z}$, and hence irreducible 
over $\mathbb{Q}$. 

Such a polynomial is said to be Eisenstein with respect to the prime $p$. Note also: irreducible 
over $K$ is just another way of saying: irreducible in $K[t]$. 

Proof. It is quite a common first reaction to regard the Eisenstein condition as rather whimsical 
and arbitrary. For any $f(t)$ as above, let $\bar f(t)$ denote $\bar a_0 + \bar a_1 t + \cdots + \bar a_n t^n$, where each 
coefficient $a_i \in \mathbb{Z}$ is replaced by $\bar a_i = a_i \pmod p$, so that each $\bar a_i \in \mathbb{Z}_p = \mathbb{Z}/p\mathbb{Z}$. The 
most natural approach is first to assume that $f(t)$ is reducible, say $f(t) = g(t)h(t)$, where 
$g(t), h(t) \in \mathbb{Z}[t]$ have degrees $k, \ell \geq 1$ respectively, so that $k + \ell = n$. Assume also that 
$\bar f(t) = \bar a_n t^n$ with $\bar a_n \neq 0$ (that is, only the leading term survives), which is equivalent to: 
$p$ does not divide $a_n$, but $p$ divides $a_i$ for $i = 0, \ldots, n-1$. Note that $\bar f(t) = \bar a_n t^n$ is already 
expressed as a unit in $\mathbb{Z}_p[t]$ (namely $\bar a_n$) times a product of irreducibles in $\mathbb{Z}_p[t]$ (namely 
$n$ copies of $t$), and so this must already be the unique factorisation of $\bar f(t)$, since $\mathbb{Z}_p[t]$ is 
a UFD (recall that the ring $K[t]$ is a ED for any field $K$ and so is a PID and UFD). But 
$\bar f(t) = \bar g(t)\bar h(t)$, and since $\bar a_n \neq 0$ the reductions $\bar g(t), \bar h(t)$ still have degrees exactly 
$k$ and $\ell$; so by uniqueness of factorisation, $\bar g(t)$ and $\bar h(t)$ must each be a unit times a power 
of $t$, that is, must also consist of just their leading terms. In particular, as $k, \ell \geq 1$, the 
constant terms of $g(t)$ and $h(t)$ must both be divisible by $p$, so that $a_0$ (the product of these) 
must be divisible by $p^2$. To summarise, we have shown that if $f(t)$ is a product of two factors of 
positive degree in $\mathbb{Z}[t]$ and $p$ does not divide $a_n$, but $p$ divides $a_i$ for $i = 0, \ldots, n-1$, then 
$p^2 \mid a_0$. Hence, if Eisenstein's Criterion is satisfied then $f(t)$ is irreducible in $\mathbb{Z}[t]$ (apart 
from constant factors). $\square$ 

Example 0.97. Let $\gamma$ satisfy $\gamma^3 - 2 = 0$. The polynomial $x^3 - 2$ is irreducible over $\mathbb{Z}$ by 
Eisenstein's Criterion (with $p = 2$) and so is irreducible over $\mathbb{Q}$ by Gauss' Lemma. Hence $x^3 - 2$ 
must be the minimal polynomial for $\gamma$ over $\mathbb{Q}$. 
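The following is an added example, not part of the original notes: it mechanises the check in Theorem 0.96 and Example 0.97 for integer polynomials given as coefficient lists $a_0, \ldots, a_n$. It goes a little beyond the text by also applying the standard substitution $t \mapsto t + c$: a polynomial is irreducible if and only if any such shift of it is, so finding a shift that is Eisenstein (as happens for $x^2 + 1$ and for $x^4 + x^3 + x^2 + x + 1$) proves irreducibility even when the original coefficients are not Eisenstein for any prime. The helper names are this example's own.

```python
# Added example (not from the original notes): checking Eisenstein's Criterion
# and the shift trick f(t) -> f(t + c).  Polynomials are lists of integers
# a_0, a_1, ..., a_n (lowest degree first).

def prime_factors(m):
    """Distinct prime factors of |m| for a nonzero integer m, by trial division."""
    m = abs(m)
    primes = []
    d = 2
    while d * d <= m:
        if m % d == 0:
            primes.append(d)
            while m % d == 0:
                m //= d
        d += 1
    if m > 1:
        primes.append(m)
    return primes

def is_eisenstein(coeffs, p):
    """True iff p does not divide a_n, p divides a_0..a_{n-1}, and p^2 does not divide a_0."""
    n = len(coeffs) - 1
    if n < 1 or coeffs[n] % p == 0:
        return False
    if any(a % p != 0 for a in coeffs[:n]):
        return False
    return coeffs[0] % (p * p) != 0

def eisenstein_primes(coeffs):
    """All primes p with respect to which coeffs is Eisenstein.  Any such p
    divides a_0, so only the prime factors of a_0 need to be tried; a_0 = 0
    never qualifies because p^2 divides 0."""
    if coeffs[0] == 0:
        return []
    return [p for p in prime_factors(coeffs[0]) if is_eisenstein(coeffs, p)]

def shift(coeffs, c):
    """Coefficients of f(t + c), by Horner-style expansion from the top."""
    result = []
    for a in reversed(coeffs):
        # result(t) <- result(t) * (t + c) + a
        new = [0] * (len(result) + 1)
        for i, r in enumerate(result):
            new[i + 1] += r
            new[i] += r * c
        new[0] += a
        result = new
    return result

def eisenstein_shift(coeffs, shifts=(0, 1, -1, 2, -2)):
    """First (c, p) such that f(t + c) is Eisenstein w.r.t. p, or None.
    A hit proves f irreducible over Z (hence over Q); None proves nothing."""
    for c in shifts:
        primes = eisenstein_primes(shift(coeffs, c))
        if primes:
            return c, primes[0]
    return None

if __name__ == "__main__":
    print(eisenstein_shift([-2, 0, 0, 1]))      # x^3 - 2, Example 0.97
    print(eisenstein_shift([1, 1, 1, 1, 1]))    # x^4 + x^3 + x^2 + x + 1
```

For $x^3 - 2$ the check succeeds at shift $0$ with $p = 2$, exactly as in Example 0.97; for $x^4 + x^3 + x^2 + x + 1$ no prime divides the constant term $1$, but $f(t+1) = t^4 + 5t^3 + 10t^2 + 10t + 5$ is Eisenstein with respect to $5$. A reducible polynomial such as $t^2 - 1$ never becomes Eisenstein under any shift, so the test has no false positives.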

Definition 0.98. Let $L$ be a field extension of $K$ [that is, $K$, $L$ are fields and $K \subseteq L$; this 
is sometimes denoted $L/K$]. If there exists a finite set $\ell_1, \ldots, \ell_n \in L$ such that every $\ell \in L$ 
can be written as $\ell = k_1 \ell_1 + \cdots + k_n \ell_n$, for some $k_1, \ldots, k_n \in K$, then $L$ is a finite extension 
of $K$. In such cases, it is then always possible to find such a set with the extra property 
that $k_1 \ell_1 + \cdots + k_n \ell_n \neq 0$ except when $k_1 = \cdots = k_n = 0$, in which case we say that $\ell_1, \ldots, \ell_n$ 
is a basis for the field extension. We then say that $n$ is the degree of the extension $L : K$, or 
that $[L : K] = n$. Of course, if you wish, you can also phrase this in terms of vector spaces. 
Letting the set of vectors be $L$ and the field of scalars be $K$, then $L$ forms a vector space 
with respect to vector addition $\ell_1 + \ell_2$, for any $\ell_1, \ell_2 \in L$, being simply the usual addition 
in the field $L$, and scalar multiplication $k\ell$, for any $k \in K$, $\ell \in L$, being simply the usual 
multiplication in $L$. Then the degree of the extension $L : K$ is just the dimension of this 
vector space. 

If $\alpha$ has minimal polynomial of degree $n$ over $K$ then $[K(\alpha) : K] = n$. For example, if $\gamma$ 
satisfies $\gamma^3 - 2 = 0$, we have already seen that $x^3 - 2$ must be the minimal polynomial for $\gamma$ 
and so $[\mathbb{Q}(\gamma) : \mathbb{Q}] = 3$. 

An algebraic number field is a finite extension of $\mathbb{Q}$ (often this is just abbreviated to number 
field). For example, $\mathbb{Q}(\sqrt{2})$, $\mathbb{Q}(i)$, $\mathbb{Q}(\sqrt{2}, \sqrt{3})$ are all number fields. It can be shown that 
every number field is expressible in the form $\mathbb{Q}(\alpha)$, for some $\alpha$ which is algebraic over $\mathbb{Q}$ (for 
example, $\mathbb{Q}(\sqrt{2}, \sqrt{3})$ can be shown to be the same as $\mathbb{Q}(\sqrt{2} + \sqrt{3})$). 

Example 0.99. The field $\mathbb{Q}(\sqrt{2})$ is a degree 2 extension of $\mathbb{Q}$, with basis $1, \sqrt{2}$. 

Theorem 0.100. [Tower Theorem] Let $K \subseteq L \subseteq M$ be fields. Then: 

$[M : K] = [M : L]\,[L : K].$ 

If $\ell_1, \ldots, \ell_r$ is a basis for $L$ over $K$ and $m_1, \ldots, m_s$ is a basis for $M$ over $L$ then the set of 
all $\ell_i m_j$, for $1 \leq i \leq r$, $1 \leq j \leq s$, is a basis for $M$ over $K$. 
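The following is an added example, not part of the original notes, which carries out the Tower Theorem and the claim above that $\mathbb{Q}(\sqrt{2}, \sqrt{3}) = \mathbb{Q}(\sqrt{2} + \sqrt{3})$ in exact rational arithmetic. Taking $K = \mathbb{Q}$, $L = \mathbb{Q}(\sqrt{2})$ with basis $1, \sqrt{2}$ and $M = \mathbb{Q}(\sqrt{2}, \sqrt{3})$ with basis $1, \sqrt{3}$ over $L$, the theorem gives the basis $1, \sqrt{2}, \sqrt{3}, \sqrt{6}$ of $M$ over $\mathbb{Q}$, so elements of $M$ are stored as four rational coordinates. The code then shows that the powers $1, \theta, \theta^2, \theta^3$ of $\theta = \sqrt{2} + \sqrt{3}$ span all of $M$ (so $\mathbb{Q}(\theta) = M$) and finds the minimal polynomial $\theta^4 - 10\theta^2 + 1$ as the first linear dependence among the powers of $\theta$. The representation and helper names are this example's own.

```python
# Added example (not from the original notes): exact arithmetic in
# Q(sqrt2, sqrt3) with respect to the Tower Theorem basis {1, sqrt2, sqrt3, sqrt6},
# used to verify Q(sqrt2, sqrt3) = Q(sqrt2 + sqrt3) and to compute minimal polynomials.
from fractions import Fraction

# Element a + b*sqrt2 + c*sqrt3 + d*sqrt6 is the tuple (a, b, c, d) of Fractions.
ONE = (Fraction(1), Fraction(0), Fraction(0), Fraction(0))

def mul(x, y):
    """Product of two elements, using sqrt2*sqrt3 = sqrt6,
    sqrt2*sqrt6 = 2*sqrt3 and sqrt3*sqrt6 = 3*sqrt2."""
    a1, b1, c1, d1 = map(Fraction, x)
    a2, b2, c2, d2 = map(Fraction, y)
    return (a1*a2 + 2*b1*b2 + 3*c1*c2 + 6*d1*d2,
            a1*b2 + b1*a2 + 3*(c1*d2 + d1*c2),
            a1*c2 + c1*a2 + 2*(b1*d2 + d1*b2),
            a1*d2 + d1*a2 + b1*c2 + c1*b2)

def powers(x, n):
    """[1, x, x^2, ..., x^n] as coordinate tuples."""
    out = [ONE]
    for _ in range(n):
        out.append(mul(out[-1], x))
    return out

def rref(matrix):
    """Reduced row echelon form over Q; returns (rows, pivot_columns)."""
    rows = [list(map(Fraction, r)) for r in matrix]
    pivots = []
    r = 0
    for col in range(len(rows[0])):
        pivot = next((i for i in range(r, len(rows)) if rows[i][col] != 0), None)
        if pivot is None:
            continue
        rows[r], rows[pivot] = rows[pivot], rows[r]
        rows[r] = [v / rows[r][col] for v in rows[r]]
        for i in range(len(rows)):
            if i != r and rows[i][col] != 0:
                f = rows[i][col]
                rows[i] = [vi - f * vr for vi, vr in zip(rows[i], rows[r])]
        pivots.append(col)
        r += 1
        if r == len(rows):
            break
    return rows, pivots

def rank(vectors):
    """Dimension over Q of the span of the given coordinate tuples."""
    return len(rref(vectors)[1])

def minimal_polynomial(x):
    """Monic minimal polynomial of x over Q as coefficients c_0..c_k (low to
    high): k is the first exponent for which 1, x, ..., x^k are dependent."""
    pw = [ONE]
    for k in range(1, 5):
        pw.append(mul(pw[-1], x))
        # one equation per coordinate; columns x^0..x^{k-1} | x^k
        augmented = [[pw[j][i] for j in range(k)] + [pw[k][i]] for i in range(4)]
        rows, pivots = rref(augmented)
        if k in pivots:
            continue          # x^k is not in the span of the lower powers
        coeffs = [Fraction(0)] * k
        for row_index, col in enumerate(pivots):
            coeffs[col] = rows[row_index][k]   # x^k = sum coeffs[j] x^j
        return [-c for c in coeffs] + [Fraction(1)]
    raise ValueError("every element of Q(sqrt2, sqrt3) has degree at most 4")

if __name__ == "__main__":
    theta = (0, 1, 1, 0)                       # sqrt2 + sqrt3
    print(rank(powers(theta, 3)))              # 4: Q(theta) has degree 4
    print(minimal_polynomial(theta))           # 1, 0, -10, 0, 1
```

Since $[\mathbb{Q}(\sqrt{2}, \sqrt{3}) : \mathbb{Q}] = 2 \cdot 2 = 4$ by the Tower Theorem and the rank computation shows $[\mathbb{Q}(\theta) : \mathbb{Q}] = 4$ as well, the two fields coincide; the same routine applied to $\sqrt{2}$ alone recovers $x^2 - 2$ and rank 2, consistent with Example 0.99.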

Definition 0.101. Let $L$ be a field extension of $K$. Define the set 

$\mathrm{Aut}(L : K) = \{\sigma : L \to L \;:\; \sigma \text{ is an automorphism and } \sigma(k) = k \text{ for all } k \in K\},$ 

that is, the set of all automorphisms of $L$ which fix $K$ [recall that an automorphism of $L$ is 
a field isomorphism from $L$ to itself]. Then $\mathrm{Aut}(L : K)$ forms a group under the operation 
of function composition, the automorphism group of the extension $L : K$. 

For any subgroup $H \leq \mathrm{Aut}(L : K)$, the fixed field of $H$ is the field $\{\ell \in L : \sigma(\ell) = \ell$ 
for all $\sigma \in H\}$. If $K$ is the fixed field of $\mathrm{Aut}(L : K)$, we say that $L : K$ is a Galois extension 
and we refer to $\mathrm{Aut}(L : K)$ as the Galois group of the extension, denoted $\mathrm{Gal}(L : K)$ or 
$\mathrm{Gal}(L/K)$ or $\mathrm{Gal}_{L/K}$. 

Example 0.102. The group $\mathrm{Gal}(\mathbb{Q}(\sqrt{2}) : \mathbb{Q})$ has two elements: $\sigma_1 : a + b\sqrt{2} \mapsto a + b\sqrt{2}$ 
and $\sigma_2 : a + b\sqrt{2} \mapsto a - b\sqrt{2}$. This can be seen as follows. First note that, since $\sigma$ is 
a field homomorphism, it fixes $\mathbb{Q}$. Also, $(\sqrt{2})^2 - 2 = 0$, and applying $\sigma$ to both sides gives 
$\sigma((\sqrt{2})^2 - 2) = \sigma(0) = 0$, and so $(\sigma(\sqrt{2}))^2 - 2 = 0$, which means that $\sigma(\sqrt{2})$ is a root 
of $x^2 - 2$, giving only two possibilities: $\sigma(\sqrt{2}) = \sqrt{2}$, when we must have $\sigma = \sigma_1$, or 
$\sigma(\sqrt{2}) = -\sqrt{2}$, when we must have $\sigma = \sigma_2$. 

Definition 0.103. Let $K$ be a field and let $f(x) \in K[x]$. The smallest field $L$ containing $K$ 
and all roots of $f(x)$ is called the splitting field of $f(x)$ over $K$. 

It can be shown that, given any field $K$ and any $f(x) \in K[x]$, there exists a splitting field 
of $f(x)$ over $K$. 

Example 0.104. Let $f(x) = x^3 - 2 \in \mathbb{Q}[x]$ and let $\gamma$ be the real cube root of 2. Then 
$f(x) = (x - \gamma)(x - \omega\gamma)(x - \omega^2\gamma)$, where $\omega = e^{2\pi i/3}$ satisfies $\omega^2 + \omega + 1 = 0$. It can be shown 
that the splitting field of $f(x)$ over $\mathbb{Q}$ is $\mathbb{Q}(\gamma, \omega)$, which is a degree 6 extension of $\mathbb{Q}$. 

Definition 0.105. Let $K$, $L$ be fields. An embedding (or monomorphism) of $K$ into $L$ is a 
map from $K$ to $L$ which is an injective homomorphism. 

Lemma 0.106. Let $K = \mathbb{Q}(\alpha)$ be a number field of degree $n$ over $\mathbb{Q}$, so that any member 
of $K$ can be written as $a_0 + a_1\alpha + \cdots + a_{n-1}\alpha^{n-1}$, for $a_i \in \mathbb{Q}$, and let $f(x)$ be the minimal 
polynomial of $\alpha$ over $\mathbb{Q}$, with roots $\alpha_1, \ldots, \alpha_n$ (one of which is $\alpha$ itself). Let $\sigma : K \to \mathbb{C}$ 
be an embedding of $K$ into $\mathbb{C}$, the complex numbers. By similar reasoning to Example 0.102, 
$\sigma$ fixes $\mathbb{Q}$ and must map $\alpha$ to $\alpha_i$, for some $i$. Furthermore, this determines the embedding, since 
then $\sigma(a_0 + a_1\alpha + \cdots + a_{n-1}\alpha^{n-1}) = \sigma(a_0) + \sigma(a_1)\sigma(\alpha) + \cdots + \sigma(a_{n-1})\sigma(\alpha)^{n-1} = a_0 + a_1\alpha_i + 
\cdots + a_{n-1}\alpha_i^{n-1}$. Conversely, each $\alpha_i$ does give an embedding (as $K \cong \mathbb{Q}[x]/(f(x))$ and $f(\alpha_i) = 0$), 
and the $\alpha_i$ are distinct since $f$ is irreducible over $\mathbb{Q}$ and so has no repeated roots. Hence there 
are precisely $n$ embeddings of $K$ into $\mathbb{C}$. 

We say that $\sigma$ is a real embedding if it maps $K$ into $\mathbb{R}$; otherwise we say that $\sigma$ is a complex 
embedding (that is, if there exists $x \in K$ such that $\sigma(x) \notin \mathbb{R}$). It is standard notation here 
to let $r$ denote the number of real embeddings of $K$ into $\mathbb{C}$ and to let $s$ denote the number 
of pairs of complex embeddings (paired by complex conjugation), so that the total number 
of embeddings is $r + 2s$. But we have already observed that the number of embeddings is 
also $n$ (the degree of the number field $K$), so that $n = r + 2s$. 

Example 0.107. Let f{x) — x^ — 2 e Q[x], let 7 be the real cube root of 2, as in Ex- 
ample 0.104, and let K — Q{a), which is a number field of degree 3. Any embeddings 
of K into C must map 7 to one of the roots of x^ — 2, namely 7, a;7 or a;^7, and a is de- 
termined by this choice. For any + ai'j + 027^ & K, a must be one of the following 
three maps. ai{ao + 017 + 02) = oq + 017 + 027^, 0-2(00 + 017 + 02) = oq + aiu^ + a^oP'^'^ , 
or (73(00 + ai7 + 02) = 00 + axuP'^ -|- a2ijJj^. We can see that there is one real embed- 
ding (7i, so r = 1, and one pair of complex embeddings: (72,(73, so s — 1, consistend with 
n — r -\-2s — 2), since indeed the degree n of the number field is 3. 
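The following is an added example, not part of the original notes. It realises the $n$ embeddings of Lemma 0.106 numerically: the roots $\alpha_1, \ldots, \alpha_n$ of the minimal polynomial are located in $\mathbb{C}$ (here by the Durand-Kerner iteration, a choice of this example; the notes only need that the roots exist), each root gives the embedding $\sum a_j \alpha^j \mapsto \sum a_j \alpha_i^j$, and the roots are sorted into real ones and conjugate pairs to read off $r$ and $s$ with $r + 2s = n$. For $K = \mathbb{Q}(\gamma)$ of Example 0.107 it also multiplies the three images $\sigma_1(x)\sigma_2(x)\sigma_3(x)$ of an element $x = a + b\gamma + c\gamma^2$ and compares the product with the closed form $a^3 + 2b^3 + 4c^3 - 6abc$ (the norm form of this field, a fact this example assumes rather than one stated on the page). The function names are this example's own.

```python
# Added example (not from the original notes): the embeddings of Q(alpha) into C,
# the signature (r, s), and the product of all embeddings of an element.
# Polynomials are lists a_0, ..., a_n (lowest degree first); elements of
# Q(alpha) are coordinate lists a_0, ..., a_{n-1} with respect to 1, alpha, ...

CUBE_ROOT_OF_TWO = [-2, 0, 0, 1]      # x^3 - 2, minimal polynomial of gamma

def roots(coeffs, iterations=200):
    """All complex roots of a_0 + a_1 x + ... + a_n x^n by Durand-Kerner."""
    n = len(coeffs) - 1
    monic = [complex(a) / coeffs[n] for a in coeffs]
    f = lambda z: sum(a * z ** i for i, a in enumerate(monic))
    z = [(0.4 + 0.9j) ** k for k in range(n)]       # distinct non-real starts
    for _ in range(iterations):
        for k in range(n):
            denom = 1
            for j in range(n):
                if j != k:
                    denom *= z[k] - z[j]
            z[k] -= f(z[k]) / denom
    return z

def embeddings(coeffs):
    """One embedding sigma_i per root alpha_i of the minimal polynomial:
    sigma_i(sum a_j alpha^j) = sum a_j alpha_i^j, returned as callables."""
    return [lambda x, r=r: sum(a * r ** j for j, a in enumerate(x))
            for r in roots(coeffs)]

def signature(coeffs, tol=1e-9):
    """(r, s): number of real embeddings and of complex-conjugate pairs."""
    rs = roots(coeffs)
    real = sum(1 for z in rs if abs(z.imag) < tol)
    return real, (len(rs) - real) // 2

def norm(coeffs, x):
    """Product sigma_1(x) * ... * sigma_n(x) over all embeddings, rounded to the
    nearest integer (it is rational, and here integral, since conjugate pairs
    multiply to real numbers and the coordinates of x are integers)."""
    prod = 1
    for sigma in embeddings(coeffs):
        prod *= sigma(x)
    return round(prod.real)

def norm_formula(a, b, c):
    """Closed form of the norm of a + b*gamma + c*gamma^2 in Q(gamma), gamma^3 = 2."""
    return a ** 3 + 2 * b ** 3 + 4 * c ** 3 - 6 * a * b * c

if __name__ == "__main__":
    print(signature(CUBE_ROOT_OF_TWO))              # (1, 1)
    print(norm(CUBE_ROOT_OF_TWO, [1, 1, 0]))        # 3
```

The signature of $x^3 - 2$ comes out as $(r, s) = (1, 1)$, matching Example 0.107, while $x^2 + 1$ gives $(0, 1)$ and $x^2 - 2$ gives $(2, 0)$; in each case $r + 2s$ is the degree. The product of the three embeddings of $1 + \gamma$ is $3$, which is also $(1 + \gamma)(1 + \omega\gamma)(1 + \omega^2\gamma) = 1 + \gamma^3$.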

Theorem 0.108. Let $L$ be a finite field. Then $|L| = p^r$, for some prime $p$ and some $r \in \mathbb{N}$. 

Proof. Consider $1, 1 + 1, 1 + 1 + 1, \ldots$; since $L$ is finite, there must be repetition at some stage, 
and we can deduce that there exists $m \in \mathbb{N}$ such that $1 + \cdots + 1$ [$m$ times] $= 0$; let $m$ be the 
smallest such. However, $m$ must not be composite, say $m = k\ell$ with both factors at least 2, 
since then $1 + \cdots + 1$ [$k$ times] and $1 + \cdots + 1$ [$\ell$ times] would each be nonzero, but would 
multiply to give 0, a contradiction (since $L$ is a field and is therefore an integral domain). 
So $m = p$, for some prime $p$, and $L$ contains a subfield $K$ (the subfield generated by the 
element 1) which is isomorphic to $\mathbb{Z}_p$, so that $|K| = p$. Let $n = [L : K]$, the degree of the 
extension (which must be finite, since $L$ is finite) and let $\ell_1, \ldots, \ell_n$ be a basis for $L$ over $K$. 
Then any $x \in L$ can be written uniquely as $x = k_1\ell_1 + \cdots + k_n\ell_n$ for some $k_1, \ldots, k_n \in K$. 
Since $|K| = p$, there are $p$ choices for each $k_i$ and so $p^n$ choices for the $n$-tuple $k_1, \ldots, k_n$; 
that is to say, there are $p^n$ choices for $x \in L$, so that $|L| = p^n$, as required. $\square$ 

Comment 0.109. Given $p^n$ for any prime $p$ and any $n \in \mathbb{N}$, it can be shown that the 
splitting field of $x^{p^n} - x$ over $\mathbb{Z}_p$ has $p^n$ elements, and so there always exists a field with $p^n$ 
elements. 
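The following is an added example, not part of the original notes, which builds a field with $p^n$ elements and checks Theorem 0.108 and Comment 0.109 on it. The construction used is $\mathbb{Z}_p[t]/(m(t))$ for a monic irreducible $m(t)$ of degree $n$ found by exhaustive search (an alternative to the splitting-field description in Comment 0.109, but giving the same field up to isomorphism); its elements are the $p^n$ remainders of degree below $n$, exactly the $n$-tuples over $\mathbb{Z}_p$ of the proof of Theorem 0.108. The code then verifies that every element satisfies $x^{p^n} = x$ (so the field is contained in the splitting field of $x^{p^n} - x$) and that every nonzero element has an inverse. The helper names are this example's own.

```python
# Added example (not from the original notes): the field Z_p[t]/(m(t)) with
# p^n elements, and the checks |F| = p^n, x^(p^n) = x for all x, and inverses.
# Polynomials over Z_p are tuples (c_0, ..., c_k), lowest degree first.
from itertools import product

def poly_mod(coeffs, modulus, p):
    """Remainder of coeffs on division by the monic polynomial modulus,
    returned as a tuple of exactly deg(modulus) coefficients mod p."""
    n = len(modulus) - 1
    r = [c % p for c in coeffs]
    for i in range(len(r) - 1, n - 1, -1):
        q = r[i]
        if q:
            for j in range(n + 1):
                r[i - n + j] = (r[i - n + j] - q * modulus[j]) % p
    r = r[:n] + [0] * (n - len(r))
    return tuple(r)

def poly_mul(a, b, modulus, p):
    """Product of two field elements, reduced modulo the defining polynomial."""
    conv = [0] * (len(a) + len(b) - 1)
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            conv[i + j] += ai * bj
    return poly_mod(conv, modulus, p)

def poly_pow(a, e, modulus, p):
    """a^e in Z_p[t]/(modulus) by square-and-multiply."""
    n = len(modulus) - 1
    result = (1,) + (0,) * (n - 1)
    base = poly_mod(a, modulus, p)
    while e:
        if e & 1:
            result = poly_mul(result, base, modulus, p)
        base = poly_mul(base, base, modulus, p)
        e >>= 1
    return result

def is_irreducible(m, p):
    """Brute force: m (monic, degree n) has no monic factor of degree 1..n//2."""
    n = len(m) - 1
    for d in range(1, n // 2 + 1):
        for tail in product(range(p), repeat=d):
            f = tail + (1,)
            if all(c == 0 for c in poly_mod(m, f, p)):
                return False
    return True

def find_irreducible(p, n):
    """First monic irreducible of degree n over Z_p in lexicographic order."""
    for tail in product(range(p), repeat=n):
        m = tail + (1,)
        if is_irreducible(m, p):
            return m
    raise ValueError("no irreducible found")   # cannot happen for n >= 1

def check_field(p, n):
    """(number of elements, all x satisfy x^(p^n) = x, all nonzero x invertible)."""
    m = find_irreducible(p, n)
    elements = list(product(range(p), repeat=n))
    zero, one = (0,) * n, (1,) + (0,) * (n - 1)
    q = p ** n
    frobenius_ok = all(poly_pow(x, q, m, p) == x for x in elements)
    inverses_ok = all(poly_mul(x, poly_pow(x, q - 2, m, p), m, p) == one
                      for x in elements if x != zero)
    return len(elements), frobenius_ok, inverses_ok

if __name__ == "__main__":
    print(find_irreducible(2, 2))   # (1, 1, 1): t^2 + t + 1 defines the field with 4 elements
    print(check_field(3, 2))        # (9, True, True)
```

Over $\mathbb{Z}_2$ the search returns $t^2 + t + 1$, over $\mathbb{Z}_3$ it returns $t^2 + 1$ (since $-1$ is not a square mod 3), and in each case the $p^n$ remainders form a field in which $x^{p^n} = x$ holds identically, as Comment 0.109 predicts.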



The following is the main reference for the lecture course. 

Algebraic Number Theory and Fermat's Last Theorem, I. Stewart and D. Tall, Third Edition. 
This will be frequently cited as "S&T". 

Older editions under the name "Algebraic Number Theory" will also suffice. 

Other useful but more advanced references: 
A Classical Introduction to Modern Number Theory (Chapter 12), K. Ireland and M. Rosen. 
Algebraic Number Theory, A. Fröhlich and M.J. Taylor. 
A Course in Computational Algebraic Number Theory, H. Cohen. 



The following gives some possible pre-course reading options if you find that you have 
gaps in your knowledge of any of the prerequisite material described in Section 0. See also 
the lecture notes from: Mods Groups, Rings and Fields, Part A Rings, Part A Fields, Part A 
Number Theory and Part B Galois Theory. 

W. Keith Nicholson. Introduction to Abstract Algebra. (Second Edition, John Wiley, 1999). 

Peter J. Cameron. Introduction to Algebra. OUP, 1998. 

Alan Baker. A Concise Introduction to the Theory of Numbers. CUP, 1985. 

I.M. Niven, H.S. Zuckerman and H.L. Montgomery. An Introduction to the Theory of Num- 
bers. Wiley, 1991. 

Chapter 1 (including the exercises) of Stewart and Tall, above. 
Algebraic Number Theory. Sheet 0. 

This sheet is for your own use (it is not intended to be handed in). 

(i) Let $q \in \mathbb{Q}$, let $r$ be a non-zero square-free integer (that is: there is no prime $p$ for 
which $p^2 \mid r$), and let $q^2 r \in \mathbb{Z}$. Show that $q \in \mathbb{Z}$. 

(ii) Find the minimum polynomial of What are the other roots of this polynomial? 

(iii) Show that $\mathbb{Z}[i]$ is a Euclidean Domain. What are the units in this ring? 

(iv) Factorise $6 + 12i$ into irreducibles in $\mathbb{Z}[i]$, and prove that your factors are indeed 
irreducible. 

(v) Let $a$ be a non-zero element of $R := \mathbb{Z}[i]$, and define $A = \{ar : r \in R\}$. Show 
that $R/A$ is finite. If $a$ is prime show that $R/A$ is an integral domain. Quote an 
appropriate theorem on finite integral domains, and deduce that $A$ is a maximal ideal 
of $R$. 

(vi) Let $S = \{m + n\sqrt{\,} : m, n \in \mathbb{Z}\}$, and let $I$ be the ideal of $S$ generated by 2 and 
$\sqrt{\,}$. Show that $S/I$ has exactly two elements, and deduce that $I$ is a maximal ideal 
of $S$. 

Reading and Further Practice: Chapter 1 of Stewart and Tall, including the exercises. 



